PC slows down, printer won't work and AVG keeps finding a variety of Trojans which it fixes, but then another one keeps coming back.
I have carried out the scans as suggested and enclosed reports.
Really appreciate the help!!
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 13/10/2014
Scan Time: 20:22:26
Logfile:
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.13.07
Rootkit Database: v2014.10.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sherwood Chiro
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330288
Time Elapsed: 13 min, 43 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 4
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [42f938dcd8a43df9804cf9db4db513ed],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [42f938dcd8a43df9804cf9db4db513ed],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [49f2c64e35473afcfca9439206fcb34d],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [49f2c64e35473afcfca9439206fcb34d],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.InstallCore, C:\Users\Sherwood Chiro\Downloads\ZipOpenerSetup.exe, Quarantined, [69d2ae667804b4820b9d448a25df926e],
Physical Sectors: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 08/02/2011 20:14:14
System Uptime: 13/10/2014 20:38:10 (0 hours ago)
.
Motherboard: Acer | | Aspire M3910
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz | CPU 1 | 3067/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 457 GiB total, 389.132 GiB free.
D: is FIXED (NTFS) - 458 GiB total, 457.75 GiB free.
E: is Removable
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&DC382E&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&DC382E&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP298: 01/10/2014 03:00:11 - Windows Update
RP299: 02/10/2014 20:15:11 - Installed MozyHome
RP300: 10/10/2014 00:00:02 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader 9.5.5 MUI
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2014
AVG Web TuneUp
Bonjour
Common Desktop Agent
CutePDF Writer 2.8
D3DX10
Dropbox
Google Chrome
Haali Media Splitter
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotkey Utility
Identity Card
ImagXpress
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
iTunes
Java 7 Update 67
Java Auto Updater
Java(TM) 6 Update 22
join.me
Junk Mail filter update
Maintenance Samsung SCX-4623 Series
Malwarebytes Anti-Malware version 2.0.3.1025
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (BLUEZINC)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
MobileMe Control Panel
MozyHome
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
MyWinLocker Suite
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
OpenOffice.org 3.3
PFPortChecker 1.0.39
QuickTime
Readiris Pro 10
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver and Utility
REALTEK Wireless LAN Driver
Safari
Samsung Easy Printer Manager
Samsung Network PC Fax
Samsung OCR Software
Samsung Printer Diagnostics
Samsung Universal Print Driver 2
Samsung Universal Scan Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Shredder
SmarThru 4
Spybot - Search & Destroy
TeamViewer 8
TM2 2010.10
TM2 Reporting Components
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
13/10/2014 20:40:23, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
13/10/2014 20:39:36, Error: Service Control Manager [7000] - The WUSB54GSv2SVC service failed to start due to the following error: The system cannot find the file specified.
13/10/2014 20:39:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
13/10/2014 20:39:21, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/10/2014 20:08:58, Error: Application Popup [1060] - \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
13/10/2014 16:09:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
13/10/2014 16:09:54, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/10/2014 14:06:18, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
11/10/2014 12:40:53, Error: Disk [11] - The driver detected a controller error on \...\DR8.
11/10/2014 12:40:48, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR8.
11/10/2014 12:40:36, Error: Disk [11] - The driver detected a controller error on \...\DR7.
11/10/2014 12:40:34, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
10/10/2014 17:53:35, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
10/10/2014 14:52:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 8 service to connect.
10/10/2014 14:52:37, Error: Service Control Manager [7000] - The TeamViewer 8 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/10/2014 14:49:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mozybackup service.
10/10/2014 14:48:26, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 10.67.2
Run by Sherwood Chiro at 20:44:24 on 2014-10-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2999.755 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\BlueZinc\TM2\TM2SchJobsSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Users\Sherwood Chiro\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\MozyHome\mozybackup.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_m3910&r=17360211d906pe425v1h5w4601u694
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Sherwood Chiro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [4623 Scan2PC] "C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
StartupFolder: C:\Users\SHERWO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sherwood Chiro\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\SHERWO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{F037E7A1-FD3B-4EFF-A644-019C59AA830E} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\030313630313347333444303 : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\14E495 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\C696E6B6379737 : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-8-6 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-30 152344]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-7-21 244504]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-8-29 50976]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\System32\drivers\RtlProt.sys [2011-2-10 25896]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-8-25 3242000]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-8-25 289328]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MSSQL$BLUEZINC;SQL Server (BLUEZINC);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe [2011-5-10 509664]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-8-21 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-8-21 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-8-21 171928]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2013-11-26 11576]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-9-4 5095264]
R2 TM2SchJobsSvc;TM2 Scheduled Jobs Service;C:\Program Files (x86)\BlueZinc\TM2\TM2SchJobsSvc.exe [2012-6-6 61952]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-12 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-8-29 1843736]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-5-12 244736]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-10-13 129752]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-5-12 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 WUSB54GSv2SVC;WUSB54GSv2SVC;"C:\Program Files (x86)\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GSv2.exe" --> C:\Program Files (x86)\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-1 305520]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-12 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-10-13 19:21:42 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-13 19:21:23 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-13 19:21:23 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-13 19:21:23 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-10-13 19:21:23 -------- d-----w- C:\ProgramData\Malwarebytes
2014-10-13 19:21:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-13 19:08:58 34808 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-10-13 19:08:56 -------- d-----w- C:\ProgramData\RogueKiller
2014-10-13 07:58:42 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{1E1FC051-FE56-412B-9F01-F87C44C1179A}
2014-10-11 10:29:45 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3D206936-1079-4B0E-B49E-F8F6E54AF4BE}
2014-10-11 09:07:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{9CC9494A-2EE8-4CFA-BFC9-D0FD4579F161}
2014-10-11 07:30:00 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{B728FE37-6D5D-439E-8213-4DABD2E2894A}
2014-10-10 12:02:51 -------- d-----w- C:\ProgramData\SSScan
2014-10-10 08:48:48 154848 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\NetFaxProc64.dll
2014-10-10 08:48:44 225504 ----a-w- C:\Windows\SysWow64\NetFaxPort.dll
2014-10-10 08:48:07 -------- d-----w- C:\Program Files\Common Files\Common Desktop Agent
2014-10-10 08:48:07 -------- d-----w- C:\Program Files (x86)\Common Files\Common Desktop Agent
2014-10-10 08:47:38 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Roaming\Samsung
2014-10-10 08:47:04 41984 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\spe__pc.dll
2014-10-10 08:46:48 34304 ----a-w- C:\Windows\System32\spe__l.dll
2014-10-10 08:46:47 89600 ----a-w- C:\Windows\System32\spe__ci.dll
2014-10-10 08:46:47 162136 ----a-w- C:\Windows\System32\spe__ci.exe
2014-10-10 08:46:41 155696 ----a-w- C:\Windows\wiainst64.exe
2014-10-10 08:46:30 -------- d-----w- C:\Windows\twain_64
2014-10-10 08:45:54 355840 ----a-w- C:\Windows\System32\snWIAMUI.dll
2014-10-10 08:45:54 166640 ----a-w- C:\Windows\System32\TWAINDSM.dll
2014-10-10 08:45:54 148728 ----a-w- C:\Windows\SysWow64\TWAINDSM.dll
2014-10-10 08:45:53 734720 ----a-w- C:\Windows\System32\SnMinDrv.dll
2014-10-10 08:45:53 68096 ----a-w- C:\Windows\System32\SnErHdlr.dll
2014-10-10 08:45:53 579072 ----a-w- C:\Windows\System32\SNWIAUI.dll
2014-10-10 08:45:53 155136 ----a-w- C:\Windows\System32\SnImgFlt.dll
2014-10-10 08:45:52 55296 ----a-w- C:\Windows\System32\SaErHdlr.dll
2014-10-10 08:45:52 365568 ----a-w- C:\Windows\System32\SaMinDrv.dll
2014-10-10 08:45:52 112128 ----a-w- C:\Windows\System32\SaImgFlt.dll
2014-10-10 08:45:49 1571160 ------w- C:\Windows\TotalUninstaller.exe
2014-10-10 07:49:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{B423EBF0-5F1E-4772-94F1-1A601489416F}
2014-10-09 16:46:16 -------- d-----w- C:\Program Files (x86)\Common Files\Samsung OCR Software
2014-10-09 09:33:55 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3625B667-17E1-40AC-B04E-61D593C3E114}
2014-10-08 11:45:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{A6860CCE-8C47-4A5F-8665-6D08A4AD2811}
2014-10-08 11:44:48 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{DFB1FB9E-656A-4EBB-BFF0-7900B0FBC61B}
2014-10-08 11:34:39 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{8D334FB3-9B08-4B10-BB09-35E226885814}
2014-10-08 08:21:24 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{5E3EE7CC-621A-467C-81CF-1A0C29FB92FC}
2014-10-08 08:06:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3C2A4240-1C97-441E-BDD8-5EC57FFC8C45}
2014-10-08 07:37:29 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AE2CBF84-4909-4662-997E-FC5EC53AB168}
2014-10-07 10:10:21 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{CA6AB517-E935-4AFA-BDB6-1B0F3167B34E}
2014-10-06 09:05:20 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{4923F359-00F3-4CD5-B00C-6FF991ECFF52}
2014-10-04 07:24:48 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AE3FA2D0-61F1-42FF-9E8C-D7C91995610B}
2014-10-03 07:41:09 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{01CBC2AA-B302-4BAF-8731-E7A63A1E88C1}
2014-10-02 08:13:22 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AA0A5021-AC8A-4B51-A037-E97AE623C26A}
2014-10-01 07:45:21 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{ACFC6B5F-9CE4-4F34-8A71-6DCE79B9A10C}
2014-10-01 00:30:36 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-01 00:30:36 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-30 08:18:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7E77B04A-C003-4C13-91E3-2F02F648DE53}
2014-09-29 09:31:56 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{F432A869-CDC2-4790-890F-831D1009FAC1}
2014-09-27 08:59:38 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{048B4A80-3000-4C07-8047-F79C31917A5D}
2014-09-26 07:56:17 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7B6F6D6D-CBD6-41F2-862A-1FD782FA1295}
2014-09-25 10:35:33 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{C52E9CDC-F7BB-47DB-B320-0615E2182369}
2014-09-24 10:58:31 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 10:58:31 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-24 07:36:57 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{F9536E67-275F-4960-8507-F7CC8D0173D5}
2014-09-23 09:20:12 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{499F0679-3C84-4650-A572-B58FB5C1833C}
2014-09-22 12:35:09 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{48C08C4D-EF3D-4AE8-A62D-1C6E7DB35834}
2014-09-22 00:34:42 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{83C79B8B-BCBD-4E2E-9A80-D5473BB16967}
2014-09-20 07:55:18 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{BEC609C9-BC67-4026-8125-F14D47585D7E}
2014-09-20 07:53:32 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{978C447F-7CD1-425E-B67F-45BCE46B3186}
2014-09-19 07:56:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{4DB94922-9946-4CB0-AF7C-FC34DAF60792}
2014-09-18 11:00:10 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{E915367A-25C5-4BA8-8B39-E26E91748BB3}
2014-09-17 07:49:06 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{1D06EAF7-28CA-4AB6-8DFE-0CCED79CEA24}
2014-09-16 08:47:16 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{6C7E4317-27EC-4B5B-AD11-FED9343A4BF6}
2014-09-15 12:04:33 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7DB9E6CA-9A23-430F-8306-28393B3B7A93}
2014-09-14 23:47:36 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{54D96C1D-B318-4C79-8301-CE199738A790}
.
==================== Find3M ====================
.
2014-09-10 00:18:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 00:18:26 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-05 02:10:43 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-05 02:05:42 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-29 16:48:23 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-06 09:50:04 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-25 11:55:09 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 01:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 22:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-21 20:03:12 244504 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-07-19 00:10:04 94208 ------w- C:\Windows\SysWow64\ssdevm.dll
2014-07-19 00:08:00 87552 ------w- C:\Windows\System32\ssdevm64.dll
.
============= FINISH: 20:46:38.39 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 08/02/2011 20:14:14
System Uptime: 13/10/2014 20:38:10 (0 hours ago)
.
Motherboard: Acer | | Aspire M3910
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz | CPU 1 | 3067/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 457 GiB total, 389.132 GiB free.
D: is FIXED (NTFS) - 458 GiB total, 457.75 GiB free.
E: is Removable
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&DC382E&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&DC382E&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP298: 01/10/2014 03:00:11 - Windows Update
RP299: 02/10/2014 20:15:11 - Installed MozyHome
RP300: 10/10/2014 00:00:02 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader 9.5.5 MUI
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2014
AVG Web TuneUp
Bonjour
Common Desktop Agent
CutePDF Writer 2.8
D3DX10
Dropbox
Google Chrome
Haali Media Splitter
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotkey Utility
Identity Card
ImagXpress
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
iTunes
Java 7 Update 67
Java Auto Updater
Java(TM) 6 Update 22
join.me
Junk Mail filter update
Maintenance Samsung SCX-4623 Series
Malwarebytes Anti-Malware version 2.0.3.1025
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (BLUEZINC)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
MobileMe Control Panel
MozyHome
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
MyWinLocker Suite
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
OpenOffice.org 3.3
PFPortChecker 1.0.39
QuickTime
Readiris Pro 10
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver and Utility
REALTEK Wireless LAN Driver
Safari
Samsung Easy Printer Manager
Samsung Network PC Fax
Samsung OCR Software
Samsung Printer Diagnostics
Samsung Universal Print Driver 2
Samsung Universal Scan Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Shredder
SmarThru 4
Spybot - Search & Destroy
TeamViewer 8
TM2 2010.10
TM2 Reporting Components
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
13/10/2014 20:40:23, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
13/10/2014 20:39:36, Error: Service Control Manager [7000] - The WUSB54GSv2SVC service failed to start due to the following error: The system cannot find the file specified.
13/10/2014 20:39:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
13/10/2014 20:39:21, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/10/2014 20:08:58, Error: Application Popup [1060] - \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
13/10/2014 16:09:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
13/10/2014 16:09:54, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/10/2014 14:06:18, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
11/10/2014 12:40:53, Error: Disk [11] - The driver detected a controller error on \...\DR8.
11/10/2014 12:40:48, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR8.
11/10/2014 12:40:36, Error: Disk [11] - The driver detected a controller error on \...\DR7.
11/10/2014 12:40:34, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
10/10/2014 17:53:35, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
10/10/2014 14:52:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 8 service to connect.
10/10/2014 14:52:37, Error: Service Control Manager [7000] - The TeamViewer 8 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/10/2014 14:49:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mozybackup service.
10/10/2014 14:48:26, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 10.67.2
Run by Sherwood Chiro at 20:44:24 on 2014-10-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2999.755 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\BlueZinc\TM2\TM2SchJobsSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Users\Sherwood Chiro\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\MozyHome\mozybackup.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sherwood Chiro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_m3910&r=17360211d906pe425v1h5w4601u694
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Sherwood Chiro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [4623 Scan2PC] "C:\Windows\twain_32\Samsung\SCX4623\Scan2Pc.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
StartupFolder: C:\Users\SHERWO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sherwood Chiro\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\SHERWO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{F037E7A1-FD3B-4EFF-A644-019C59AA830E} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\030313630313347333444303 : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\14E495 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{F4569F0F-2D0D-4039-AF31-83DBF6A3B34A}\C696E6B6379737 : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-8-6 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-30 152344]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-7-21 244504]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-8-29 50976]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\System32\drivers\RtlProt.sys [2011-2-10 25896]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-8-25 3242000]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-8-25 289328]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 MSSQL$BLUEZINC;SQL Server (BLUEZINC);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe [2011-5-10 509664]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-8-21 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-8-21 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-8-21 171928]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.sys [2013-11-26 11576]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-9-4 5095264]
R2 TM2SchJobsSvc;TM2 Scheduled Jobs Service;C:\Program Files (x86)\BlueZinc\TM2\TM2SchJobsSvc.exe [2012-6-6 61952]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-12 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-8-29 1843736]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-5-12 244736]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-10-13 129752]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-5-12 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 WUSB54GSv2SVC;WUSB54GSv2SVC;"C:\Program Files (x86)\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GSv2.exe" --> C:\Program Files (x86)\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-1 305520]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-12 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-10-13 19:21:42 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-13 19:21:23 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-13 19:21:23 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-13 19:21:23 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-10-13 19:21:23 -------- d-----w- C:\ProgramData\Malwarebytes
2014-10-13 19:21:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-13 19:08:58 34808 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-10-13 19:08:56 -------- d-----w- C:\ProgramData\RogueKiller
2014-10-13 07:58:42 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{1E1FC051-FE56-412B-9F01-F87C44C1179A}
2014-10-11 10:29:45 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3D206936-1079-4B0E-B49E-F8F6E54AF4BE}
2014-10-11 09:07:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{9CC9494A-2EE8-4CFA-BFC9-D0FD4579F161}
2014-10-11 07:30:00 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{B728FE37-6D5D-439E-8213-4DABD2E2894A}
2014-10-10 12:02:51 -------- d-----w- C:\ProgramData\SSScan
2014-10-10 08:48:48 154848 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\NetFaxProc64.dll
2014-10-10 08:48:44 225504 ----a-w- C:\Windows\SysWow64\NetFaxPort.dll
2014-10-10 08:48:07 -------- d-----w- C:\Program Files\Common Files\Common Desktop Agent
2014-10-10 08:48:07 -------- d-----w- C:\Program Files (x86)\Common Files\Common Desktop Agent
2014-10-10 08:47:38 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Roaming\Samsung
2014-10-10 08:47:04 41984 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\spe__pc.dll
2014-10-10 08:46:48 34304 ----a-w- C:\Windows\System32\spe__l.dll
2014-10-10 08:46:47 89600 ----a-w- C:\Windows\System32\spe__ci.dll
2014-10-10 08:46:47 162136 ----a-w- C:\Windows\System32\spe__ci.exe
2014-10-10 08:46:41 155696 ----a-w- C:\Windows\wiainst64.exe
2014-10-10 08:46:30 -------- d-----w- C:\Windows\twain_64
2014-10-10 08:45:54 355840 ----a-w- C:\Windows\System32\snWIAMUI.dll
2014-10-10 08:45:54 166640 ----a-w- C:\Windows\System32\TWAINDSM.dll
2014-10-10 08:45:54 148728 ----a-w- C:\Windows\SysWow64\TWAINDSM.dll
2014-10-10 08:45:53 734720 ----a-w- C:\Windows\System32\SnMinDrv.dll
2014-10-10 08:45:53 68096 ----a-w- C:\Windows\System32\SnErHdlr.dll
2014-10-10 08:45:53 579072 ----a-w- C:\Windows\System32\SNWIAUI.dll
2014-10-10 08:45:53 155136 ----a-w- C:\Windows\System32\SnImgFlt.dll
2014-10-10 08:45:52 55296 ----a-w- C:\Windows\System32\SaErHdlr.dll
2014-10-10 08:45:52 365568 ----a-w- C:\Windows\System32\SaMinDrv.dll
2014-10-10 08:45:52 112128 ----a-w- C:\Windows\System32\SaImgFlt.dll
2014-10-10 08:45:49 1571160 ------w- C:\Windows\TotalUninstaller.exe
2014-10-10 07:49:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{B423EBF0-5F1E-4772-94F1-1A601489416F}
2014-10-09 16:46:16 -------- d-----w- C:\Program Files (x86)\Common Files\Samsung OCR Software
2014-10-09 09:33:55 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3625B667-17E1-40AC-B04E-61D593C3E114}
2014-10-08 11:45:44 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{A6860CCE-8C47-4A5F-8665-6D08A4AD2811}
2014-10-08 11:44:48 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{DFB1FB9E-656A-4EBB-BFF0-7900B0FBC61B}
2014-10-08 11:34:39 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{8D334FB3-9B08-4B10-BB09-35E226885814}
2014-10-08 08:21:24 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{5E3EE7CC-621A-467C-81CF-1A0C29FB92FC}
2014-10-08 08:06:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{3C2A4240-1C97-441E-BDD8-5EC57FFC8C45}
2014-10-08 07:37:29 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AE2CBF84-4909-4662-997E-FC5EC53AB168}
2014-10-07 10:10:21 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{CA6AB517-E935-4AFA-BDB6-1B0F3167B34E}
2014-10-06 09:05:20 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{4923F359-00F3-4CD5-B00C-6FF991ECFF52}
2014-10-04 07:24:48 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AE3FA2D0-61F1-42FF-9E8C-D7C91995610B}
2014-10-03 07:41:09 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{01CBC2AA-B302-4BAF-8731-E7A63A1E88C1}
2014-10-02 08:13:22 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{AA0A5021-AC8A-4B51-A037-E97AE623C26A}
2014-10-01 07:45:21 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{ACFC6B5F-9CE4-4F34-8A71-6DCE79B9A10C}
2014-10-01 00:30:36 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-10-01 00:30:36 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-30 08:18:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7E77B04A-C003-4C13-91E3-2F02F648DE53}
2014-09-29 09:31:56 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{F432A869-CDC2-4790-890F-831D1009FAC1}
2014-09-27 08:59:38 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{048B4A80-3000-4C07-8047-F79C31917A5D}
2014-09-26 07:56:17 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7B6F6D6D-CBD6-41F2-862A-1FD782FA1295}
2014-09-25 10:35:33 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{C52E9CDC-F7BB-47DB-B320-0615E2182369}
2014-09-24 10:58:31 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 10:58:31 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-24 07:36:57 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{F9536E67-275F-4960-8507-F7CC8D0173D5}
2014-09-23 09:20:12 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{499F0679-3C84-4650-A572-B58FB5C1833C}
2014-09-22 12:35:09 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{48C08C4D-EF3D-4AE8-A62D-1C6E7DB35834}
2014-09-22 00:34:42 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{83C79B8B-BCBD-4E2E-9A80-D5473BB16967}
2014-09-20 07:55:18 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{BEC609C9-BC67-4026-8125-F14D47585D7E}
2014-09-20 07:53:32 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{978C447F-7CD1-425E-B67F-45BCE46B3186}
2014-09-19 07:56:25 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{4DB94922-9946-4CB0-AF7C-FC34DAF60792}
2014-09-18 11:00:10 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{E915367A-25C5-4BA8-8B39-E26E91748BB3}
2014-09-17 07:49:06 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{1D06EAF7-28CA-4AB6-8DFE-0CCED79CEA24}
2014-09-16 08:47:16 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{6C7E4317-27EC-4B5B-AD11-FED9343A4BF6}
2014-09-15 12:04:33 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{7DB9E6CA-9A23-430F-8306-28393B3B7A93}
2014-09-14 23:47:36 -------- d-----w- C:\Users\Sherwood Chiro\AppData\Local\{54D96C1D-B318-4C79-8301-CE199738A790}
.
==================== Find3M ====================
.
2014-09-10 00:18:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 00:18:26 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-05 02:10:43 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-05 02:05:42 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-29 16:48:23 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-06 09:50:04 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-08-01 11:53:22 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-08-01 11:35:06 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-07-25 11:55:09 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 01:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 22:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-21 20:03:12 244504 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-07-19 00:10:04 94208 ------w- C:\Windows\SysWow64\ssdevm.dll
2014-07-19 00:08:00 87552 ------w- C:\Windows\System32\ssdevm64.dll
.
============= FINISH: 20:46:38.39 ===============