dwm.exe CPU spiking



#1 rmc08


Posted 30 November 2012 - 09:33 PM

Hey,

I'm a tech expert when it comes to anything computers but this has me stumped. dwm.exe is spiking every few seconds. When I listen to music, I can hear it pause since my whole computer seizes for a few milliseconds. Also, explorer.exe has been crashing, which points to a virus or some stupid dll error of some sort. Either way, whatever it is I don't want it on my computer. I started noticing the spiking today, but the explorer.exe crashing I noticed around November 11th. These issues are possibly linked, but regardless the issue shouldn't be ignored.

-Rob

Also, before the question is asked, yes my computer hardware is up to par. The issue has nothing to do with hardware.

======================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Rob at 21:23:44 on 2012-11-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8080.1174 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Program Files (x86)\ShareMouse\smService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\PROGRA~1\McAfee\MSC\McAPExe.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\BisonCam\PID_0361\DeLay.exe
C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe
C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Rob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Richard Z.H. Wang\FluffyApp\FluffyApp.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
D:\Program Files (x86)\Mindjet\MindManager 10\MmReminderService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Rob\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\explorer.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
C:\Windows\system32\taskmgr.exe
c:\program files (x86)\teamviewer\version7\TeamViewer_Desktop.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDockTray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: CmjBrowserHelperObject Object: {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify Web Helper] "C:\Users\Rob\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Steam] "D:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [AdobeBridge] <no file>
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [MMReminderService] D:\Program Files (x86)\Mindjet\MindManager 10\MMReminderService.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [NACAgentUI] C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
StartupFolder: C:\Users\Rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Send Image To MindManager - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/201
IE: Send Link To MindManager - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/203
IE: Send Page To MindManager - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/204
IE: Send Text To MindManager - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/202
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - D:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{214FEF21-F30D-47AA-A62F-ECBD48215B5C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{214FEF21-F30D-47AA-A62F-ECBD48215B5C}\1445C414E4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{214FEF21-F30D-47AA-A62F-ECBD48215B5C}\74F4147514950413233362 : DHCPNameServer = 172.16.128.16
TCP: Interfaces\{214FEF21-F30D-47AA-A62F-ECBD48215B5C}\A756C64616 : DHCPNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{214FEF21-F30D-47AA-A62F-ECBD48215B5C}\E456477656162723 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{25FAFF14-DB7F-45F6-B577-18839BF832FD} : DHCPNameServer = 172.16.128.16
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.27\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB} - D:\Program Files (x86)\Mindjet\MindManager 10\sys\MmInternetExplorerActiveSetup.vbs
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [DeLay] C:\Program Files (x86)\BisonCam\PID_0361\DeLay.exe
x64-Run: [CECAPLF] C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [KeepSafe] "C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe" /startup
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: ObjectDockShlExt Class - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\PROGRA~1\mcafee\msc\npMcSnFFPl64.dll
FF - plugin: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Rob\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Rob\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_11_5_502_110.dll
FF - plugin: C:\Windows\System32\npDeployJava1.dll
FF - plugin: C:\Windows\System32\npmproxy.dll
FF - ExtSQL: 2012-11-11 15:12; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2012-11-15 18:48; {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}; C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
FF - ExtSQL: 2012-11-15 18:55; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2012-11-17 18:11; kitsuneymg@gmail.com; C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\extensions\kitsuneymg@gmail.com.xpi
FF - ExtSQL: 2012-11-18 01:58; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\l7lrrp0z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-6-19 32896]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-22 19264]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-10-29 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-10-29 339392]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2012-11-10 66040]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-19 235520]
R2 FPLService;TrueSuiteService;C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2011-11-3 299848]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-11-10 220856]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-28 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-28 165144]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-11-10 103472]
R2 McMPFSvc;McAfee Personal Firewall;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-11-10 220856]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-11-10 220856]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-11-10 220856]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-11-10 220856]
R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2012-11-10 74120]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2012-11-10 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-11-10 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-10 177680]
R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
R2 NACAgent;Cisco NAC Agent;C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgent.exe [2012-10-1 1269720]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2012-5-22 35328]
R2 ShareMouse Service;ShareMouse Service;C:\Program Files (x86)\ShareMouse\smService.exe [2012-11-22 188632]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-11-9 2848168]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-28 363800]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-10-29 69672]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-11-10 283200]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-6-19 14748416]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-22 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-22 789824]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-10-29 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-10-29 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2012-8-28 295056]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-18 677480]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtwlane.sys [2012-8-28 1147024]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-8-25 202632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-10 197264]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-4-11 410184]
S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-4-11 341832]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-11 19456]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-11 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-11 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-18 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="D:\Program Files\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-01 00:46:34 -------- d-----w- C:\Program Files\Speccy
2012-11-30 19:29:13 -------- d-----w- C:\Users\Rob\AppData\Roaming\Dropbox
2012-11-30 19:17:59 -------- d-----w- C:\Program Files\Unlocker
2012-11-29 20:33:29 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-29 20:33:29 -------- d-----w- C:\Program Files\iTunes
2012-11-29 20:33:29 -------- d-----w- C:\Program Files\iPod
2012-11-29 20:33:29 -------- d-----w- C:\Program Files (x86)\iTunes
2012-11-29 19:36:14 -------- d-----w- C:\Windows\System32\wbem\Framework\root\OpenHardwareMonitor
2012-11-29 19:36:14 -------- d-----w- C:\Windows\System32\wbem\Framework\root
2012-11-29 19:36:14 -------- d-----w- C:\Windows\System32\wbem\Framework
2012-11-29 18:48:33 -------- d-----w- C:\Program Files (x86)\Common Files\Cisco
2012-11-29 05:04:37 -------- d-----w- C:\Users\Rob\AppData\Local\IsolatedStorage
2012-11-29 05:03:40 -------- d-----w- C:\Users\Rob\AppData\Local\Red Gate
2012-11-29 05:03:38 -------- d-----w- C:\Windows\Downloaded Installations
2012-11-28 22:32:04 -------- d-----w- C:\Users\Rob\AppData\Local\ODUI
2012-11-28 22:27:14 -------- d-----w- C:\Users\Rob\AppData\Local\Stardock
2012-11-28 22:26:36 -------- d-----w- C:\Users\Rob\AppData\Roaming\Stardock
2012-11-28 22:26:29 -------- d-----w- C:\ProgramData\Stardock
2012-11-28 22:26:29 -------- d-----w- C:\Program Files (x86)\Common Files\Stardock
2012-11-28 22:26:28 -------- d-----w- C:\Program Files (x86)\Stardock
2012-11-28 22:24:51 -------- d-----r- C:\Sandbox
2012-11-28 22:21:46 -------- d-----w- C:\Program Files\Sandboxie
2012-11-28 06:44:29 -------- d-----w- C:\Program Files (x86)\Resource Hacker
2012-11-23 22:27:19 -------- d-----w- C:\ProgramData\Package Cache
2012-11-23 13:23:21 73064 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-11-23 13:23:21 109416 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll
2012-11-23 13:23:21 105832 ----a-w- C:\Windows\System32\SQSRVRES.DLL
2012-11-23 13:10:09 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2012-11-22 18:34:11 -------- d-----w- C:\Users\Rob\AppData\Roaming\ShareMouse
2012-11-22 18:34:09 -------- d-----w- C:\ProgramData\ShareMouse
2012-11-22 18:34:09 -------- d-----w- C:\Program Files (x86)\ShareMouse
2012-11-22 02:06:31 -------- d-----w- C:\Users\Rob\AppData\Local\4A Games
2012-11-22 02:05:22 73568 ----a-w- C:\Windows\system\PhysXLoader64.dll
2012-11-22 02:05:22 72544 ----a-w- C:\Windows\system\PhysXDevice64.dll
2012-11-22 02:05:22 71008 ----a-w- C:\Windows\system\PhysXLoader.dll
2012-11-22 02:05:22 71008 ----a-w- C:\Windows\system\PhysXDevice.dll
2012-11-22 02:05:22 488800 ----a-w- C:\Windows\system\physxcudart64_20.dll
2012-11-22 02:05:22 405608 ----a-w- C:\Windows\system\cudart64_30_9.dll
2012-11-22 02:05:22 290408 ----a-w- C:\Windows\system\cudart32_30_9.dll
2012-11-22 02:05:22 197912 ----a-w- C:\Windows\system\physxcudart_20.dll
2012-11-22 02:02:32 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-11-22 02:02:26 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-11-21 00:45:36 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-11-21 00:45:36 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-11-21 00:45:36 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-11-21 00:45:36 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-11-21 00:45:36 -------- d-----w- C:\Program Files (x86)\OpenAL
2012-11-20 06:13:56 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-11-20 06:13:56 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-11-20 06:13:56 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-11-20 06:13:41 -------- d-----w- C:\Users\Rob\AppData\Roaming\Malwarebytes
2012-11-20 06:09:23 1431552 ----a-w- C:\Windows\SysWow64\rewire.dll
2012-11-20 06:09:23 -------- d-----w- C:\Program Files (x86)\VstPlugins
2012-11-20 06:08:41 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2012-11-20 06:08:39 -------- d-----w- C:\Program Files (x86)\Outsim
2012-11-20 06:03:50 -------- d-----w- C:\Program Files (x86)\Image-Line
2012-11-19 20:00:00 3123272 ----a-r- C:\Windows\SysWow64\pbsvc.exe
2012-11-18 04:36:50 -------- d-----w- C:\Windows\SysWow64\xlive
2012-11-18 04:36:40 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-11-18 04:35:24 -------- d-----w- C:\Windows\SysWow64\directx
2012-11-17 02:32:22 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-11-17 02:23:42 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-11-17 02:23:42 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-11-17 02:23:41 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-11-16 03:57:02 -------- d-----w- C:\Program Files (x86)\WinPcap
2012-11-16 03:56:49 -------- d-----w- C:\Program Files (x86)\Cain
2012-11-15 23:26:09 -------- d-----w- C:\Users\Rob\AppData\Roaming\.purple
2012-11-15 23:25:49 -------- d-----w- C:\Program Files (x86)\Pidgin
2012-11-15 19:50:40 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2012-11-15 19:50:17 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-11-15 19:50:17 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-11-15 19:49:48 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-11-15 18:05:51 -------- d-----w- C:\Program Files\Waterfox
2012-11-15 17:53:25 -------- d-----w- C:\Users\Rob\AppData\Roaming\Waterfox Limited
2012-11-15 05:37:58 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-15 05:37:57 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-15 05:37:57 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-15 05:37:57 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-15 05:32:47 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 05:32:47 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-15 05:32:47 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-15 05:32:47 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-15 05:32:46 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 05:32:46 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 05:32:46 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 04:21:39 -------- d-----w- C:\Users\Rob\AppData\Roaming\Origin
2012-11-15 04:21:39 -------- d-----w- C:\Program Files (x86)\Origin Games
2012-11-15 04:21:34 -------- d-----w- C:\Users\Rob\AppData\Local\Origin
2012-11-15 04:16:51 -------- d-----w- C:\ProgramData\Origin
2012-11-15 04:16:51 -------- d-----w- C:\ProgramData\Electronic Arts
2012-11-15 04:16:50 -------- d-----w- C:\Program Files (x86)\Origin
2012-11-14 23:46:31 -------- d-----w- C:\Users\Rob\AppData\Roaming\ts3overlay_hook_win64
2012-11-14 23:46:30 -------- d-----w- C:\Users\Rob\AppData\Roaming\ts3overlay
2012-11-14 23:45:34 -------- d-----w- C:\Users\Rob\AppData\Roaming\TS3Client
2012-11-14 23:45:12 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2012-11-13 12:44:13 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2012-11-13 02:59:35 -------- d-----w- C:\ProgramData\TrueSuite
2012-11-12 19:55:38 -------- d-----w- C:\Users\Rob\AppData\Local\Logitech
2012-11-12 19:54:58 -------- d-----w- C:\Program Files\Logitech Gaming Software
2012-11-12 19:54:35 -------- d-----w- C:\Users\Rob\AppData\Roaming\Logishrd
2012-11-12 19:10:09 -------- d-----w- C:\Users\Rob\AppData\Local\Adf
2012-11-12 03:31:27 -------- d-----w- C:\Users\Rob\AppData\Local\Mindjet
2012-11-12 03:30:56 6656 ----a-w- C:\Windows\System32\pxc35pm.dll
2012-11-12 03:30:32 -------- d-----w- C:\ProgramData\Mindjet
2012-11-12 03:29:39 -------- d-----w- C:\Users\Rob\AppData\Local\{8027227F-E033-40AD-8B3F-C0658D596D0B}
2012-11-12 03:21:27 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-11-12 03:21:27 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-11-12 03:21:08 -------- d-----w- C:\Windows\System32\RsFx
2012-11-12 03:18:07 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2012-11-12 03:18:07 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2012-11-12 03:18:05 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-11-12 03:18:04 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-11-12 03:13:57 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2012-11-12 03:13:55 -------- d-----w- C:\Program Files\IIS
2012-11-12 03:13:55 -------- d-----w- C:\Program Files (x86)\IIS
2012-11-12 03:13:37 3642528 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2012-11-12 03:08:52 -------- d-----w- C:\Windows\SysWow64\1033
2012-11-12 03:08:37 -------- d-----w- C:\Program Files (x86)\Microsoft F#
2012-11-12 03:08:37 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop
2012-11-12 03:08:37 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules
2012-11-12 03:06:52 -------- d-----w- C:\Windows\System32\1033
2012-11-12 03:06:51 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0
2012-11-12 03:06:51 -------- d-----w- C:\Program Files\Microsoft Help Viewer
2012-11-12 02:44:33 275360 ----a-w- C:\Windows\System32\DreamScene.dll
2012-11-12 02:44:33 -------- d-----w- C:\Windows\System32\WDSA
2012-11-12 02:40:19 -------- d-----w- C:\ProgramData\Cisco
2012-11-12 02:37:24 -------- d-----w- C:\Users\Rob\AppData\Local\Diagnostics
2012-11-12 00:14:49 -------- d-----w- C:\Users\Rob\AppData\Roaming\.minecraft
2012-11-11 21:30:43 -------- d-----w- C:\Users\Rob\AppData\Roaming\Rainmeter
2012-11-11 21:30:37 -------- d-----w- C:\Program Files\Rainmeter
2012-11-11 21:14:50 -------- d-----w- C:\Windows\AutoRearm
2012-11-11 21:01:07 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2012-11-11 21:01:04 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2012-11-11 21:00:54 -------- d-----w- C:\Windows\PCHEALTH
2012-11-11 21:00:54 -------- d-----w- C:\Program Files\Microsoft SQL Server
2012-11-11 21:00:04 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2012-11-11 21:00:04 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-11-11 20:45:09 -------- d-----w- C:\Users\Rob\AppData\Local\Microsoft Help
2012-11-11 20:06:52 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2012-11-11 20:06:52 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2012-11-11 20:06:51 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-11-11 19:41:26 -------- d-----w- C:\Users\Rob\AppData\Local\PMB Files
2012-11-11 19:41:26 -------- d-----w- C:\ProgramData\PMB Files
2012-11-11 19:41:21 -------- d-----w- C:\Program Files (x86)\Pando Networks
2012-11-11 19:41:12 -------- d-----w- C:\Users\Rob\.swt
2012-11-11 18:44:59 -------- d-----w- C:\Program Files\AuthenTec
2012-11-11 05:51:56 -------- d-----w- C:\Users\Rob\AppData\Local\join.me
2012-11-10 21:06:27 -------- dc-h--w- C:\ProgramData\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
2012-11-10 21:06:01 -------- d-----w- C:\Users\Rob\AppData\Local\PackageAware
2012-11-10 20:35:38 -------- d-----w- C:\Users\Rob\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-11-10 20:34:56 -------- d-----w- C:\Users\Rob\AppData\Local\PACE Anti-Piracy
2012-11-10 20:34:56 -------- d-----w- C:\ProgramData\PACE Anti-Piracy
2012-11-10 20:15:08 -------- d-----w- C:\ProgramData\ALM
2012-11-10 08:22:51 -------- d-----w- C:\Users\Rob\AppData\Local\Macromedia
2012-11-10 08:17:02 -------- d-----w- C:\Users\Rob\AppData\Local\Richard_Z.H._Wang
2012-11-10 08:17:00 -------- d-----w- C:\Program Files (x86)\Richard Z.H. Wang
2012-11-10 06:55:38 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-11-10 06:55:35 -------- d-----w- C:\Users\Rob\AppData\Roaming\DAEMON Tools Lite
2012-11-10 06:55:31 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-11-10 06:54:48 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2012-11-10 05:54:33 -------- d-----w- C:\Program Files (x86)\McAfeeMOBK
2012-11-10 05:54:32 66040 ----a-w- C:\Windows\System32\drivers\MOBK.sys
2012-11-10 05:54:32 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup
2012-11-10 05:54:29 74120 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys
2012-11-10 05:54:29 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-11-10 05:54:29 -------- d-----w- C:\Users\Rob\AppData\Local\McAfee File Lock
2012-11-10 05:54:25 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-11-10 05:54:24 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-11-10 05:54:21 -------- d-----w- C:\Program Files\McAfee.com
2012-11-10 05:54:21 -------- d-----w- C:\Program Files\McAfee
2012-11-10 05:54:20 -------- d-----w- C:\Program Files (x86)\McAfee
2012-11-10 05:42:35 177680 ----a-w- C:\Windows\System32\mfevtps.exe
2012-11-10 05:42:34 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-11-10 05:25:51 -------- d-----w- C:\Users\Rob\AppData\Local\Spotify
2012-11-10 04:57:42 -------- d-----w- C:\Users\Rob\AppData\Local\AuthenTec
2012-11-10 04:55:27 -------- d-----r- C:\Users\Rob\Dropbox
2012-11-10 04:51:06 -------- d-----w- C:\Users\Rob\AppData\Local\Adobe
2012-11-10 04:45:33 -------- d-----w- C:\Program Files (x86)\Evernote
2012-11-10 04:44:55 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-11-10 04:44:45 -------- d-----r- C:\Program Files (x86)\Skype
2012-11-10 04:44:38 178688 ----a-w- C:\Windows\SysWow64\unrar.dll
2012-11-10 04:44:37 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2012-11-10 04:44:00 -------- d-----w- C:\Users\Rob\AppData\Roaming\Spotify
2012-11-10 04:43:52 206336 ----a-w- C:\Windows\System32\unrar.dll
2012-11-10 04:43:52 148992 ----a-w- C:\Windows\System32\lagarith.dll
2012-11-10 04:43:51 127488 ----a-w- C:\Windows\System32\ff_vfw.dll
2012-11-10 04:43:51 -------- d-----w- C:\Users\Rob\AppData\Local\Programs
2012-11-10 04:43:51 -------- d-----w- C:\Program Files\K-Lite Codec Pack x64
2012-11-10 04:43:32 -------- d-----w- C:\Program Files (x86)\TeamViewer
2012-11-10 04:43:07 -------- d-----w- C:\Program Files (x86)\WinSCP
2012-11-10 04:38:05 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-02 06:46:50 97208 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2012-11-02 06:46:50 328976 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2012-11-02 06:46:50 10544 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
.
==================== Find3M ====================
.
2012-11-17 02:32:18 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-11-17 02:32:18 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-11-17 02:20:11 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-17 02:20:11 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-10 04:42:08 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-10 04:42:08 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-10 04:42:08 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-29 13:30:30 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-10-29 13:27:26 339392 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2012-10-29 13:25:16 771096 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2012-10-29 13:24:14 515528 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-10-29 13:23:24 309400 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-10-29 13:23:02 178840 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2012-10-27 09:12:28 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-10-25 08:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 08:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 01:38:12 31888 ----a-w- C:\Windows\System32\FM20ENU.DLL
2012-10-02 01:35:42 1592456 ----a-w- C:\Windows\System32\FM20.DLL
2012-10-01 23:59:44 828872 ----a-w- C:\Windows\System32\msvcr110.dll
2012-10-01 23:59:44 661448 ----a-w- C:\Windows\System32\msvcp110.dll
2012-10-01 23:59:44 354264 ----a-w- C:\Windows\System32\vccorlib110.dll
2012-10-01 23:59:44 177096 ----a-w- C:\Windows\System32\atl110.dll
2012-09-30 00:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-29 19:11:54 52840 ----a-w- C:\Windows\System32\VEN2232.OLB
2012-09-28 15:32:56 5989776 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-09-28 15:32:56 53760 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 21:24:08.58 ===============

Edited by rmc08, 30 November 2012 - 09:37 PM.


#2 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • Gender:Male
  • Location:USA
  • Local time:08:19 PM

Posted 04 December 2012 - 04:49 PM

Hello Rob and welcome to the forums :)

Please attach the ATTACH.txt file that should have been generated whenever you ran DDS.

Regards

Edited by thisisu, 04 December 2012 - 04:50 PM.


#3 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • Gender:Male
  • Location:USA
  • Local time:08:19 PM

Posted 07 December 2012 - 02:39 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



