I have a windows 7 pro - which is primarily used as a HTPC. Occasionally my daughter gets on there and does some web surfing. It would seem that I now am infected with Surfshield and I am unable to rid this PC of this virus. Any help would be appreciated.
— Click to load...
dds.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16921 BrowserJavaVersion: 10.55.2
Run by jmgrogan at 19:54:41 on 2014-06-30
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.1925 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\locator.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\SurfShieldMain\UpdateService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Realtek\RtkDashClientInstaller\RtkDashClient.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\jmgrogan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Program Files (x86)\SurfShieldMain\proxy_server.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\eHome\EhTray.exe
C:\Windows\ehome\ehRec.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = www.google.com
uSearch Page = www.google.com
uDefault_Page_URL = about:blank
uDefault_Search_URL = about:blank
mStart Page = about:blank
mSearch Page = about:blank
mDefault_Page_URL = about:blank
mDefault_Search_URL = about:blank
uProxyServer = hxxp=127.0.0.1:48557
uProxyOverride = <local>;*.nav-links.com;*.adnxs.com;*.jump9.com;*.rvzrjs.info;*.tractionize.com;*.admailtiser.com;*.contextweb.com;*.pubmatic.com;*.sonital.com;*ads.yahoo.com;*.openx.net;*.deliads.com;*.doubleclick.net;pixel.rubiconproject.com;*.2mdn.net;*.akamaihd.net;*.googlesyndication.com;ad.yieldmanager.com;*.pocotx.net;*.superfish.com;*.ac3.msn.com;*.ajaxcdn.org;s.youtube.com;*.googlevideo.com;*.ytimg.com;*.gstatic.com;*.googleadservices.com;epn.adledge.com;ajax.googleapis.com;*.edgesuite.net;*.yimg.com;*.adjuggler.net;adserver.adtech.de;ada.brucelead.com;*.simpli.fi;ads.dynamicyield.com;*.pocotx.net;*.google-analytics.com;content.markitcdn.com;optimized-by.rubiconproject.com
uSearchAssistant = www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Digiarty_Software_AirPlayit] "C:\Program Files\Digiarty\Air_Playit\airplayit.exe" -min
uRun: [Viber] "C:\Users\jmgrogan\AppData\Local\Viber\Viber.exe" StartMinimized
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\jmgrogan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK -
StartupFolder: C:\Users\jmgrogan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\jmgrogan\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\jmgrogan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://abbottmeetings.webex.com/client/WBXclient-T27L10NSP32EP15-15155/webex/ieatgpc1.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = about:blank
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jmgrogan\AppData\Roaming\Mozilla\Firefox\Profiles\4s17s4rf.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll
FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jmgrogan\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Users\jmgrogan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\jmgrogan\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R?2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-11 1494304]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-5-28 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-5-28 208416]
R1 {f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64;{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64;C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys [2014-5-28 61120]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-5-28 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-5-28 423240]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-28 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-5-28 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-28 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-28 50344]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 177648]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-1-3 14624]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-20 15129376]
R2 RtDashPt;Realtek DASH Protocol Driver;C:\Windows\System32\drivers\RtDashPt.sys [2011-9-19 38504]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-17 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R2 SurfShieldUpdateService;Update Service for SurfShield;C:\Program Files (x86)\SurfShieldMain\UpdateService.exe [2014-5-26 224432]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-1 5037888]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-12-24 270336]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\System32\drivers\HCW85BDA.sys [2012-8-12 1905808]
R3 hcw89;hcw89 service;C:\Windows\System32\drivers\hcw89.sys [2012-8-12 1605376]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-11 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2014-6-7 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-26 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2014-2-1 35112]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-26 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-12 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-28 09:23:57 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B15ECC81-B392-4EC6-B0C8-6EC399C8A25B}\offreg.dll
2014-06-27 12:52:09 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B15ECC81-B392-4EC6-B0C8-6EC399C8A25B}\mpengine.dll
2014-06-26 00:03:24 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-26 00:03:01 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-26 00:03:01 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-26 00:03:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-22 23:08:32 -------- d-----w- C:\Program Files\iPod
2014-06-22 23:08:31 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-22 23:08:31 -------- d-----w- C:\Program Files\iTunes
2014-06-22 23:08:31 -------- d-----w- C:\Program Files (x86)\iTunes
2014-06-22 23:02:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-06-22 23:02:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-06-22 23:02:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-06-22 23:02:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-06-22 23:02:46 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-06-21 01:03:14 -------- d-----w- C:\Program Files (x86)\predm
2014-06-20 15:03:01 -------- d-----w- C:\Program Files (x86)\SurfShieldMain
2014-06-20 15:02:57 -------- d-----w- C:\Users\jmgrogan\AppData\Local\4377
2014-06-07 13:04:08 -------- d-----w- C:\Users\jmgrogan\Tracing
2014-06-07 12:55:34 -------- d-----w- C:\Windows\en
2014-06-07 12:54:02 58056 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2014-06-07 12:50:44 6081224 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f38771041cf824e04\onedrivesetup.exe
2014-06-07 12:50:44 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
2014-06-07 12:50:42 -------- d-----r- C:\Users\jmgrogan\OneDrive
2014-06-07 12:50:28 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2014-06-07 12:49:41 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f2195cb81cf824e03\DSETUP.dll
2014-06-07 12:49:41 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f2195cb81cf824e03\DXSETUP.exe
2014-06-07 12:49:41 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f2195cb81cf824e03\dsetup32.dll
2014-06-07 12:49:39 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f06209591cf824e02\DSETUP.dll
2014-06-07 12:49:39 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f06209591cf824e02\DXSETUP.exe
2014-06-07 12:49:39 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f06209591cf824e02\dsetup32.dll
2014-06-07 12:49:36 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ef4f35c31cf824e01\DSETUP.dll
2014-06-07 12:49:36 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ef4f35c31cf824e01\DXSETUP.exe
2014-06-07 12:49:36 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ef4f35c31cf824e01\dsetup32.dll
2014-06-07 12:49:25 -------- d-----w- C:\Users\jmgrogan\AppData\Local\Windows Live
2014-06-07 12:49:16 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2014-06-05 05:15:15 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-06-05 05:14:11 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2014-06-29 04:55:30 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-29 04:55:30 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-29 00:34:13 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-05-29 00:34:13 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-05-29 00:33:42 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-05-29 00:33:42 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-05-29 00:33:42 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-05-29 00:33:42 43152 ----a-w- C:\Windows\avastSS.scr
2014-05-29 00:33:42 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-05-29 00:33:42 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-05-27 18:26:06 61120 ----a-w- C:\Windows\System32\drivers\{f9d2f209-1697-4837-85f2-d88e4c9f7c81}Gw64.sys
2014-05-24 02:47:54 2239488 ----a-w- C:\Windows\System32\wininet.dll
2014-05-24 02:46:15 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-24 02:46:07 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-24 02:46:07 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-05-24 02:45:26 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-24 01:26:54 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-24 01:25:52 2862080 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-24 01:25:49 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-24 01:25:49 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-05-24 01:25:25 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-24 01:09:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-24 01:03:36 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-24 00:13:44 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-05-24 00:06:55 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-05-16 07:53:18 341848 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2014-05-13 19:52:08 17938608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-05-12 12:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-05-01 21:58:14 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2014-05-01 21:58:14 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-15 07:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 19:56:19.64 ===============
Displaying dds.txt.
attach.txt.zip