Channel: Tech Support Guy - Windows 7

PC is freezing up

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:13 AM, on 6/3/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Cathy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Cathy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://emachines.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.homesteadingtoday.com/poultry/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Users\Cathy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [MusicManager] "C:\Users\Cathy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.cinemanow.com
O15 - Trusted Zone: http://*.roxio.com
O15 - Trusted Zone: http://*.roxionow.com
O15 - Trusted Zone: http://*.sonic.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: RoxioNow Service - Rovi Corporation - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13823 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2
Run by Cathy at 12:00:58 on 2013-06-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1290 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k AcfXAudioService
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
C:\Users\Cathy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\fxssvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.homesteadingtoday.com/poultry/
uDefault_Page_URL = hxxp://emachines.msn.com
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = c:\windows\syswow64\userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: af0.Adblock.BHO: {90EFF544-3981-4d46-85C9-C0361D0931D6} -
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Cathy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [MusicManager] "C:\Users\Cathy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
StartupFolder: C:\Users\Cathy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
Trusted Zone: cinemanow.com
Trusted Zone: cinemanow.com
Trusted Zone: roxio.com
Trusted Zone: roxio.com
Trusted Zone: roxionow.com
Trusted Zone: roxionow.com
Trusted Zone: sonic.com
Trusted Zone: sonic.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4910694C-9797-49CB-A30C-50B8533A214C} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-3-26 45856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AcfXAudioService;AcfXAudioService;C:\Windows\System32\svchost.exe -k AcfXAudioService [2009-7-13 27136]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-9-18 71032]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-9-18 384888]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-1-8 23584]
R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-3-31 244624]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 Realtek11nSU;Realtek11nSU;C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2012-11-21 36864]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2011-8-2 400368]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-3-14 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-8-23 2148216]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\rtl8192su.sys [2011-7-12 694376]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-9-18 393080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 acfva;acfva;C:\Windows\System32\drivers\ACFVA64.sys [2011-2-14 122624]
S3 dgcfltr;DGC Filter Driver;C:\Windows\System32\drivers\ACFDCP64.sys [2011-2-14 34944]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-28 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-28 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-14 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-06-03 16:13:34 -------- d-----w- C:\Users\Cathy\AppData\Local\{1EE07AD3-514C-4864-9A39-5E99C2856B8C}
2013-06-03 12:31:21 -------- d-----w- C:\Users\Cathy\AppData\Local\{1BF46D79-5AA3-4EAF-8B68-A465D51F884F}
2013-06-02 21:59:08 -------- d-----w- C:\Users\Cathy\AppData\Roaming\AVG
2013-06-02 21:57:44 -------- d-----w- C:\ProgramData\AVG
2013-06-02 21:57:04 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-02 14:11:16 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-06-02 14:11:00 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-06-02 14:11:00 170232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-06-02 12:00:56 -------- d-----w- C:\Users\Cathy\AppData\Local\{D84943BB-39AD-444D-A4BA-99F63217E596}
2013-06-01 12:56:33 -------- d-----w- C:\Users\Cathy\AppData\Local\{FE46DB17-4FD6-4037-9C79-0314BF1D6D83}
2013-05-31 13:22:19 -------- d-----w- C:\Users\Cathy\AppData\Local\{C6A13CD1-D112-4101-BB9A-96A4A6BF31F4}
2013-05-31 03:11:52 -------- d-----w- C:\Users\Cathy\AppData\Local\{AFD09087-842B-4FCE-A19D-0F246E96E68D}
2013-05-30 23:00:32 -------- d-----w- C:\Users\Cathy\AppData\Local\{CB84A3F9-B7FD-44BC-A5D2-D2680975DB18}
2013-05-30 19:56:43 -------- d-----w- C:\Users\Cathy\AppData\Local\{F3E0240F-B0E1-423B-8B0A-B5C1CD7AAD0C}
2013-05-30 19:32:24 -------- d-----w- C:\Users\Cathy\AppData\Roaming\Cruzer Pro
2013-05-30 16:37:33 -------- d-----w- C:\Users\Cathy\AppData\Local\{4A66922A-7F6F-4E40-9316-B7AA5EEF4329}
2013-05-30 14:15:57 -------- d-----w- C:\Users\Cathy\AppData\Local\{E1DE98A6-9A2A-440E-A4A6-6115BA402D0C}
2013-05-30 01:53:44 -------- d-----w- C:\Users\Cathy\AppData\Local\{430CB988-B8BB-4B24-AE88-DBF62DFF8221}
2013-05-29 13:53:06 -------- d-----w- C:\Users\Cathy\AppData\Local\{84D43A1C-9CD6-4B6F-B718-D6C64E535BFC}
2013-05-29 12:30:14 -------- d-----w- C:\Users\Cathy\AppData\Local\{6E70BFAC-3DEE-4EED-A920-96DB34D896DC}
2013-05-28 16:03:34 -------- d-----w- C:\Users\Cathy\AppData\Local\{81188CF7-E513-4271-ADA7-5D4298B43F68}
2013-05-28 13:07:16 -------- d-----w- C:\Users\Cathy\AppData\Local\{426F5D9F-FB95-4F30-A20E-7A0C02B6276B}
2013-05-28 01:49:08 -------- d-----w- C:\Users\Cathy\AppData\Local\{9C224406-C653-455B-AEF9-A168BA25E815}
2013-05-27 13:48:37 -------- d-----w- C:\Users\Cathy\AppData\Local\{2F1600D3-F7BD-4CAA-8B18-D7B7FB976480}
2013-05-27 01:47:54 -------- d-----w- C:\Users\Cathy\AppData\Local\{EC0B7261-8C82-4AB7-929C-756E32E78384}
2013-05-26 13:47:27 -------- d-----w- C:\Users\Cathy\AppData\Local\{04E8C856-26EC-4471-9629-83DE2F57C958}
2013-05-26 01:47:00 -------- d-----w- C:\Users\Cathy\AppData\Local\{CC214C9F-C42C-44D3-BF66-36A3717FC1FA}
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin6.dll
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-05-25 18:37:13 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-05-25 13:46:31 -------- d-----w- C:\Users\Cathy\AppData\Local\{2F3EA6CC-F045-4760-B44F-5A36BA8B1AD7}
2013-05-25 01:25:21 -------- d-----w- C:\Users\Cathy\AppData\Local\{B62BEEAE-2252-41A2-97B2-020B2F09913A}
2013-05-24 13:24:48 -------- d-----w- C:\Users\Cathy\AppData\Local\{8ABFB38F-A4DD-478A-9832-99F98C6A87D6}
2013-05-24 00:54:43 -------- d-----w- C:\Users\Cathy\AppData\Local\{6DDA7213-F5D2-4246-B92B-66DBA8AB5EBD}
2013-05-23 12:44:15 -------- d-----w- C:\Users\Cathy\AppData\Local\{9E2C7C84-8A84-47A8-AC7E-42D1276360F1}
2013-05-23 00:31:06 -------- d-----w- C:\Users\Cathy\AppData\Local\{97EEBF0A-D974-4E52-A7E2-1D021BDDC81C}
2013-05-22 12:30:37 -------- d-----w- C:\Users\Cathy\AppData\Local\{A3122361-58A1-43B3-9217-A3DDE36236AF}
2013-05-22 00:30:00 -------- d-----w- C:\Users\Cathy\AppData\Local\{53DE4051-41D6-4F2F-A1F8-08E35AB78ABF}
2013-05-21 12:29:33 -------- d-----w- C:\Users\Cathy\AppData\Local\{805FF85A-4547-4C56-B3E8-E1753099F1CF}
2013-05-21 00:19:36 -------- d-----w- C:\Users\Cathy\AppData\Local\{205F1957-24B1-4935-8373-299D1E8A3220}
2013-05-20 12:18:55 -------- d-----w- C:\Users\Cathy\AppData\Local\{D436A866-C351-4C6F-BFC7-327AAD18C9BC}
2013-05-20 02:33:47 -------- d-----w- C:\Users\Cathy\AppData\Local\{9D11731F-C23B-4D03-946C-6F33F2F6AF51}
2013-05-19 14:33:47 -------- d-----w- C:\Users\Cathy\AppData\Local\{C3697887-6163-410E-91E6-AF64911247BB}
2013-05-19 02:17:58 -------- d-----w- C:\Users\Cathy\AppData\Local\{0FB76AA8-A515-49F1-BA7D-88DCBCAA4BED}
2013-05-18 14:17:28 -------- d-----w- C:\Users\Cathy\AppData\Local\{3D30AC2F-27D5-40F0-9685-3CD85230FC27}
2013-05-18 02:16:49 -------- d-----w- C:\Users\Cathy\AppData\Local\{709ADF15-A141-418A-9D01-9C2274987806}
2013-05-17 14:16:17 -------- d-----w- C:\Users\Cathy\AppData\Local\{44A43F92-6798-425A-82F6-34BEF32A23F5}
2013-05-17 01:31:10 -------- d-----w- C:\Users\Cathy\AppData\Local\{71B5FB07-3699-4FBC-A7F2-906AB0CB80C8}
2013-05-16 13:30:38 -------- d-----w- C:\Users\Cathy\AppData\Local\{DA23707D-0D4B-489B-A90C-184C45ADA5AD}
2013-05-16 00:19:10 -------- d-----w- C:\Users\Cathy\AppData\Local\{6823BC96-CEC1-48B1-91C3-5B75CFA5A548}
2013-05-15 12:18:35 -------- d-----w- C:\Users\Cathy\AppData\Local\{8A6360FA-69B3-45B6-95B7-45D9A3A81721}
2013-05-15 02:54:44 -------- d-----w- C:\Users\Cathy\AppData\Local\{0B805D83-4303-4F65-849D-15579E6A6586}
2013-05-15 02:51:11 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-15 01:55:13 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 01:55:13 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 01:55:13 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 01:54:33 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-15 01:54:33 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-15 01:54:33 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-15 01:54:32 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-15 01:53:22 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-15 01:53:22 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-14 23:25:38 9195912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-05-14 14:54:14 -------- d-----w- C:\Users\Cathy\AppData\Local\{73554456-9B6A-4254-A857-BC05C6D811D0}
2013-05-14 02:53:46 -------- d-----w- C:\Users\Cathy\AppData\Local\{F9CD579E-F640-4BC3-85E1-D66D258DD3AC}
2013-05-13 14:53:16 -------- d-----w- C:\Users\Cathy\AppData\Local\{461D1F8A-B53B-488C-968D-724F6F50F65F}
2013-05-13 02:10:49 -------- d-----w- C:\Users\Cathy\AppData\Local\{C6E7C3C2-B277-455C-9A84-63193FCC4E92}
2013-05-12 14:10:22 -------- d-----w- C:\Users\Cathy\AppData\Local\{56555482-758B-446E-B817-7476670C4787}
2013-05-12 02:09:53 -------- d-----w- C:\Users\Cathy\AppData\Local\{33CD9E89-0195-43F4-B9D0-15D7C4CE2779}
2013-05-11 14:09:26 -------- d-----w- C:\Users\Cathy\AppData\Local\{38EEA882-ABCD-444C-B0B7-9D0636514DCA}
2013-05-11 02:08:59 -------- d-----w- C:\Users\Cathy\AppData\Local\{D1A94F65-45BD-45D9-9DD7-F7207F59EE54}
2013-05-10 14:08:31 -------- d-----w- C:\Users\Cathy\AppData\Local\{85DC2F97-5172-4E3F-9EB9-51CF8F41D5C5}
2013-05-10 02:07:39 -------- d-----w- C:\Users\Cathy\AppData\Local\{E4BF3918-6A15-42A4-B922-2EA53856656C}
2013-05-09 14:06:42 -------- d-----w- C:\Users\Cathy\AppData\Local\{6679F4E9-DBDF-492A-AE46-E8C763E616F2}
2013-05-09 02:06:07 -------- d-----w- C:\Users\Cathy\AppData\Local\{F654E1FD-7F4E-40FF-B721-3BE52F32A7CF}
2013-05-08 14:05:38 -------- d-----w- C:\Users\Cathy\AppData\Local\{8662ED8B-5FEB-416F-8F5D-30AB412F87FA}
2013-05-08 01:41:12 -------- d-----w- C:\Users\Cathy\AppData\Local\{A0BB0382-39EE-4C75-8CCD-3DFCD380EEF8}
2013-05-07 13:40:41 -------- d-----w- C:\Users\Cathy\AppData\Local\{8284AEAB-A246-4AF0-9D33-08C969311A1B}
2013-05-06 15:47:51 -------- d-----w- C:\Users\Cathy\AppData\Local\{476E2522-9291-47CC-B1D2-355C3662B475}
2013-05-06 03:47:23 -------- d-----w- C:\Users\Cathy\AppData\Local\{C04CA7D3-5F98-46BD-915D-236990B0E987}
2013-05-05 15:46:51 -------- d-----w- C:\Users\Cathy\AppData\Local\{CF3EE314-7D6E-4639-B850-27D0D18EDCC4}
2013-05-05 03:46:24 -------- d-----w- C:\Users\Cathy\AppData\Local\{8B997B0A-040B-4333-A074-23E17522E158}
.
==================== Find3M ====================
.
2013-05-21 12:26:37 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-05-14 23:26:38 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 23:26:38 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-04 00:32:09 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-04 00:32:08 866720 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-05-04 00:32:08 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-05-01 08:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 08:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-19 23:32:55 0 ----a-w- C:\Windows\SysWow64\sho4450.tmp
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-29 07:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-03-26 14:08:34 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-03-26 14:08:34 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-03-21 08:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
.
============= FINISH: 12:08:40.53 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/12/2011 11:27:05 AM
System Uptime: 6/3/2013 11:09:54 AM (1 hours ago)
.
Motherboard: eMachines | | EL1358G
Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 784/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 914 GiB total, 451.084 GiB free.
D: is CDROM ()
E: is Removable
F: is FIXED (NTFS) - 1863 GiB total, 856.82 GiB free.
G: is FIXED (NTFS) - 466 GiB total, 398.605 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20 (x64 edition)
Acrobat.com
Adapter version 0.909
AdblockIE
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Agatha Christie - 4:50 from Paddington
Aimersoft DVD Ripper(Build 2.7.3.4)
Airlink101 Wireless LAN Driver
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Any Audio Converter 3.2.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applian FLV and Media Player 3.1.1.12
AVG 2013
AVG PC TuneUp
AVG PC TuneUp Language Pack (en-US)
AVG SafeGuard toolbar
Bejeweled 2 Deluxe
BlueStacks
Bonjour
Brother MFL-Pro Suite DCP-7040
Build-a-lot 2
calibre
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Contrôle ActiveX Windows Live Mesh pour connexions à distance
ConvertHelper 2.2
Corel KPT Collection
Corel KPT Collection for PSPX4
Corel PaintShop Pro X4
Coupon Printer for Windows
CutePDF Writer 2.8
D3DX10
Diner Dash 2 Restaurant Rescue
DivX Setup
Dora's World Adventure
DVD Flick 1.3.0.7
eBay Worldwide
eMachines Games
eMachines Recovery Management
eMachines Registration
eMachines ScreenSaver
eMachines Updater
Eusing Free Registry Cleaner
ffdshow v1.1.3914 [2011-06-29]
Final Drive: Nitro
Flixster
Flixster Collections
FLV Player
FormatFactory 2.96
Free YouTube Download version 3.2.1.320
Galerie de photos Windows Live
GIMP 2.6.11
Google Chrome
Google Drive
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.8.0.723
Hotkey Utility
ICA
iCloud
Identity Card
Insperity OrgPlus 9 Reader
IPM_PSP_COM
iTunes
IVC - Internet Video Converter HD 5.50 EN
Java 7 Update 17
Java 7 Update 21
Java Auto Updater
Jewel Quest Heritage
Junk Mail filter update
Kobo
Korean Fonts Support For Adobe Reader X
KRyLack Burning Suite
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MiMedia
Miro Video Converter
MKVToolNix 5.8.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Manager
Mystery Case Files ®: Dire Grove ™
Mystery P.I. - Stolen in San Francisco
Naevius GVI Converter 1.4
Namco All-Stars: PAC-MAN
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NOOK for PC
NVIDIA Control Panel 307.83
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Update 1.10.8
NVIDIA Update Components
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.4.1
Oracle VM VirtualBox 4.1.8
Penguins!
Plants vs. Zombies - Game of the Year
Poker Superstars III
Polar Bowler
Polar Golfer
PSPPContent
PSPPHelp
PSPPro64
PVSonyDll
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver and Utility
RealUpgrade 1.1
RoxioNow Player
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Setup
Spybot - Search & Destroy
SUPERAntiSpyware
SWF & FLV Player 3.0 (build 3.0.33.5106)
The Free YouTube Downloader
Times Reader
Torchlight
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
USB Modem
VC80CRTRedist - 8.0.50727.6195
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 1.1.11
Welcome Center
WildTangent Games App (eMachines Games)
WinCleaner OneClick Professional Clean Version 12
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.01 (64-bit)
Zuma's Revenge
.
==== End Of File ===========================


GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-06-03 12:14:52
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000074 WDC_WD10 rev.77.0 931.51GB
Running: ytosdsvo.exe; Driver: C:\Users\Cathy\AppData\Local\Temp\fwdoqpob.sys


---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5504:4108] 000007fefb762a7c

---- EOF - GMER 2.1 ----
