Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Multiple Virus detection and Rogue Programs.

I have been passed a computer that appears to be badly infected with numerous nasties. Hopefully these are just adware, but probably not.

AVG reports the following

Adware MultiBundle.V
Adware Generic5.APKC
Adware Generic5.APFQ

Unfortunately the person has compounded the problem by downloading numerous PC speedup software offerings; the ones I can see include

System Speedup
Optimizer Pro
SpeedUpMyPC
PC Speed Up
PC Performer
PC Speed Maximizer

Another program I don't recognise is
Advanced System Protector

Thank you for any help you can give.

P.

Below is the DDS.txt file and attached is the attach.zip file as requested
-----------------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16798 BrowserJavaVersion: 10.21.2
Run by rachstock at 21:32:13 on 2014-04-02
Microsoft Windows 8 6.2.9200.0.1252.44.2057.18.8078.1833 [GMT 1:00]
.
AV: AVG AntiVirus 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\PC Speed Up\PCSUService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\MyPC Backup\BackupStack.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~2\FROMDO~1\bar\2.bin\65barsvc.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\PROGRA~2\MAPSGA~1\bar\1.bin\39barsvc.exe
C:\windows\system32\mfevtps.exe
C:\PROGRA~2\POPULA~1\bar\3.bin\7ibarsvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Fighters\FighterSuiteService.exe
C:\Users\rachstock\AppData\Local\Torch\Update\TorchCrashHandler.exe
C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
C:\PROGRA~2\UTILIT~1\bar\1.bin\49barsvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
C:\Program Files (x86)\Iminent\WinkHandler.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\Rundll32.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
C:\Program Files (x86)\Iminent\WinkHandler.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\Re-Markable\Re-Markable_wd.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\AppIntegrator64.exe
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\AppIntegrator64.exe
C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\AppIntegrator64.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Zoom Downloader\DownloadManager.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Free Ride Games\GPlayer.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\rachstock\AppData\Local\iLivid\iLivid.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Windows\system32\igfxpers.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe
C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7ibrmon.exe
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\65brmon.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Common Toolkit Suite\Tools\x64\CommonToolkit2.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Speed Analysis 3\BackgroundHost64.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Windows\system32\msiexec.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\system32\wwahost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~1\mcafee\mqs\qcshm.exe
C:\PROGRA~2\COMMON~1\McAfee\Installer\mcinst.exe
C:\Program Files\Common Files\McAfee\VSCore\McVscIns.exe
C:\Program Files\Common Files\McAfee\VSCore\mfehidin.exe
C:\Windows\explorer.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p14_serp_ie_uk_display?ie=UTF8&tagbase=bds-p14&tbrId=v1_abb-channel-14_f8195d304f574e4b86c264cac6184ab7_16_37_20130707_GB_ie_sp_BD20130707
uDefault_Page_URL = hxxp://aartemis.com/?type=hp&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028
mStart Page = hxxp://aartemis.com/?type=hp&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028
mSearch Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028&q={searchTerms}
mDefault_Page_URL = hxxp://aartemis.com/?type=hp&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028
mDefault_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028&q={searchTerms}
uURLSearchHooks: <No Name>: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\65SrcAs.dll
uURLSearchHooks: <No Name>: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll
uURLSearchHooks: <No Name>: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
uURLSearchHooks: <No Name>: {0953a3a2-9223-4990-a1c9-efb4d4686ef2} - C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7iSrcAs.dll
uURLSearchHooks: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
mURLSearchHooks: Begin-download FLV B2 Toolbar: {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files (x86)\Begin-download_FLV_B2\prxtbBegi.dll
mURLSearchHooks: Installl Converter Toolbar: {6ec74131-08b2-4f67-a9bc-5914ef1edb97} - C:\Program Files (x86)\Installl_Converter\prxtbInst.dll
mWinlogon: Userinit = userinit.exe
BHO: Search Assistant BHO: {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll
BHO: Toolbar BHO: {0709f2cc-d1e6-4b43-9efc-1c0701cb173d} - C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7ibar.dll
BHO: freeven: {11111111-1111-1111-1111-110511161180} - C:\Program Files (x86)\freeven\freeven-bho.dll
BHO: hdtotal1.2: {11111111-1111-1111-1111-110511291122} - C:\Program Files (x86)\hdtotal1.2\hdtotal1.2-bho.dll
BHO: iminent Helper Object: {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh\iminent.dll
BHO: PriceGong - Price Comparison: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll
BHO: Speed Analysis 2: {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Toolbar BHO: {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Search Assistant BHO: {3a6625a2-591b-4e83-ac3f-8c25eea30ac0} - C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7iSrcAs.dll
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.): {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll
BHO: Toolbar BHO: {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
BHO: Installl Converter Toolbar: {6ec74131-08b2-4f67-a9bc-5914ef1edb97} - C:\Program Files (x86)\Installl_Converter\prxtbInst.dll
BHO: Search Assistant BHO: {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: AVG Nation toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll
BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll
BHO: Toolbar BHO: {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\65bar.dll
BHO: Speed Analysis 3: {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: DealPly Shopping: {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Begin-download FLV B2 Toolbar: {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files (x86)\Begin-download_FLV_B2\prxtbBegi.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -
BHO: {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - <orphaned>
BHO: buenosearch Helper Object: {F1C81E40-2485-4DB6-8C9D-04BD596B281E} - C:\Program Files (x86)\buenosearch\buenosearch\1.8.21.22\bh\buenosearch.dll
BHO: Search Assistant BHO: {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\65SrcAs.dll
BHO: AlxHelper Class: {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
BHO: XBTBPos00 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Nation Toolbar\tbunsc1D91.tmp\tbcore3.dll
TB: Nation Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunsc1D91.tmp\tbcore3.dll
TB: PopularScreensavers: {F339A07F-9578-412D-85E0-B8A80277151A} - C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7ibar.dll
TB: MapsGalaxy: {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll
TB: Utility Chest: {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
TB: Begin-download FLV B2 Toolbar: {BD8006AA-6E85-4B36-BB42-7F97053D5B70} - C:\Program Files (x86)\Begin-download_FLV_B2\prxtbBegi.dll
TB: Installl Converter Toolbar: {6EC74131-08B2-4F67-A9BC-5914EF1EDB97} - C:\Program Files (x86)\Installl_Converter\prxtbInst.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Nation Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar\tbunsc1D91.tmp\tbcore3.dll
TB: PopularScreensavers: {f339a07f-9578-412d-85e0-b8a80277151a} - C:\Program Files (x86)\PopularScreensavers_7i\bar\3.bin\7ibar.dll
TB: MapsGalaxy: {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll
TB: Utility Chest: {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
TB: Amazon Browser Bar: {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
TB: FromDocToPDF: {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\2.bin\65bar.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
TB: Movies Toolbar (Dist. by Bandoo Media, Inc.): {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\searchresultsDx.dll
TB: Begin-download FLV B2 Toolbar: {bd8006aa-6e85-4b36-bb42-7f97053d5b70} - C:\Program Files (x86)\Begin-download_FLV_B2\prxtbBegi.dll
TB: buenosearch Toolbar: {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch\buenosearch\1.8.21.22\buenosearchTlbr.dll
TB: Installl Converter Toolbar: {6ec74131-08b2-4f67-a9bc-5914ef1edb97} - C:\Program Files (x86)\Installl_Converter\prxtbInst.dll
TB: AVG Nation toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll
TB: Iminent Toolbar: {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentTlbr.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [DownloadManager] "C:\Program Files (x86)\Zoom Downloader\DownloadManager.exe" /as
uRun: [FDPRO-516] C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO
uRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [AVG-Secure-Search-Update_0913b] C:\Users\rachstock\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 087cd0c1317147d39dc7d92928f7445c-5932566804f30aa6e7d22bee43be65babec9118f --CMPID 0913b
uRun: [iLivid] "C:\Users\rachstock\AppData\Local\iLivid\iLivid.exe" -autorun
uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\rachstock\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
uRun: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [PopularScreensavers_7i Browser Plugin Loader] C:\PROGRA~2\POPULA~1\bar\3.bin\7ibrmon.exe
mRun: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~1\bar\1.bin\39srchmn.exe" /m=2 /w /h
mRun: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~1\bar\1.bin\39brmon.exe
mRun: [Utility Chest Search Scope Monitor] "C:\PROGRA~2\UTILIT~1\bar\1.bin\49srchmn.exe" /m=2 /w /h
mRun: [UtilityChest_49 Browser Plugin Loader] C:\PROGRA~2\UTILIT~1\bar\1.bin\49brmon.exe
mRun: [PopularScreensavers Search Scope Monitor] "C:\PROGRA~2\POPULA~1\bar\3.bin\7isrchmn.exe" /m=2 /w /h
mRun: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
mRun: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~1\bar\2.bin\65brmon.exe
mRun: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~1\bar\2.bin\65srchmn.exe" /m=2 /w /h
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [vProt] "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe"
mRun: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
mRun: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
mRunOnce: [SPUpdSentinel] "C:\Program Files (x86)\Common Files\Umbrella\Umbrella_bkp.exe" -SERVICEARGS=c
dRun: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup
StartupFolder: C:\Users\RACHST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\FASTME~1.LNK - C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{51E2E9CD-74E7-49E4-B9D1-02A8375A975B} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{51E2E9CD-74E7-49E4-B9D1-02A8375A975B}\244524573796E6563737845726D2639323 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{699950F8-CFCB-41B0-8CFF-61E8E57477B1} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browsermngr.exe - tasklist.exe
x64-mStart Page = hxxp://aartemis.com/?type=hp&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028
x64-mSearch Page = hxxp://www.aartemis.com/web/?type=ds&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028&q={searchTerms}
x64-mDefault_Page_URL = hxxp://aartemis.com/?type=hp&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028
x64-mDefault_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1385748536&from=s32&uid=ST1000LM024XHN-M101MBB_S2TTJ9CCA33028&q={searchTerms}
x64-BHO: weDownload: {11111111-1111-1111-1111-110411581120} - C:\Program Files (x86)\weDownload\weDownload-bho64.dll
x64-BHO: freeven: {11111111-1111-1111-1111-110511161180} - C:\Program Files (x86)\freeven\freeven-bho64.dll
x64-BHO: hdtotal1.2: {11111111-1111-1111-1111-110511291122} - C:\Program Files (x86)\hdtotal1.2\hdtotal1.2-bho64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll
x64-BHO: Speed Analysis 3: {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
x64-Run: [MapsGalaxy Home Page Guard 64 bit] "C:\PROGRA~2\MAPSGA~1\bar\1.bin\AppIntegrator64.exe"
x64-Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~1\bar\1.bin\AppIntegrator64.exe"
x64-Run: [PopularScreensavers Home Page Guard 64 bit] "C:\PROGRA~2\POPULA~1\bar\3.bin\AppIntegrator64.exe"
x64-Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~1\bar\2.bin\AppIntegrator64.exe"
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: browsemngr.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
x64-IFEO: browsermngr.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2013-9-10 31544]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 645952]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-6-22 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-6-22 340216]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\Drivers\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2013-11-1 212280]
R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2013-10-21 252728]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-2-23 3782672]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-7-1 32808]
R2 DatamngrCoordinator;Datamngr Coordinator;C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-7-4 3422720]
R2 FromDocToPDF_65Service;FromDocToPDFService;C:\PROGRA~2\FROMDO~1\bar\2.bin\65barsvc.exe [2013-7-8 42504]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-12-27 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-12-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-27 166720]
R2 MapsGalaxy_39Service;MapsGalaxyService;C:\PROGRA~2\MAPSGA~1\bar\1.bin\39barsvc.exe [2013-7-6 42504]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-8-17 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-8-17 182752]
R2 PCSUService;PC Speed Up Service;C:\Program Files (x86)\PC Speed Up\PCSUService.exe [2014-2-9 417072]
R2 PopularScreensavers_7iService;PopularScreensaversService;C:\PROGRA~2\POPULA~1\bar\3.bin\7ibarsvc.exe [2013-7-6 42504]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [2014-3-11 2922304]
R2 Suite Service;Suite Service;C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2013-5-29 1281568]
R2 TorchCrashHandler;Torch Crash Handler;C:\Users\rachstock\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-6-27 1205088]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-27 365376]
R2 Updater Service for AMZN;Updater Service for AMZN;C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2013-3-21 222368]
R2 UtilityChest_49Service;Utility ChestService;C:\PROGRA~2\UTILIT~1\bar\1.bin\49barsvc.exe [2013-7-6 42504]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-3-8 1770312]
R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-5-2 109064]
R2 WinkHandler;WinkHandler;C:\Program Files (x86)\Iminent\WinkHandler.exe [2014-3-11 425792]
R2 X5XSEx_Pr143;X5XSEx_Pr143;C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.sys [2013-7-24 56136]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-9-18 17152]
R3 ATP;ASUS PS/2 Port Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2012-10-31 61824]
R3 Common Toolkit 2;Common Toolkit 2;C:\Program Files (x86)\Common Files\Common Toolkit Suite\Tools\x64\CommonToolkit2.exe [2013-5-17 338944]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2012-11-9 21152]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-9 342528]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-6-22 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-6-22 515968]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-12-27 295056]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-12-27 683664]
S?2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-8-17 241456]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2013-9-4 20496]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-6-18 69168]
S2 0273701396470287mcinstcleanup;McAfee Application Installer Cleanup (0273701396470287);C:\Users\RACHST~1\AppData\Local\Temp\027370~1.EXE -cleanup -nolog --> C:\Users\RACHST~1\AppData\Local\Temp\027370~1.EXE -cleanup -nolog [?]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/27 14:01:39;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-5-23 243728]
S2 dealplylive;DealPly Live Service (dealplylive);C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-7-24 148000]
S2 Re-Markable;Re-Markable;C:\Program Files (x86)\Re-Markable\Re-Markable153.exe [2014-2-9 181760]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-6-22 70112]
S3 dealplylivem;DealPly Live Service (dealplylivem);C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-7-24 148000]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\Drivers\mferkdet.sys [2012-6-22 106552]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2014-04-01 04:41:01 254640 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10236.bin
2014-03-20 12:25:44 -------- d-----w- C:\Program Files (x86)\GUMEA7A.tmp
2014-03-11 19:17:44 -------- d-----w- C:\ProgramData\Oracle
2014-03-11 19:17:20 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2014-03-11 19:17:19 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2014-03-11 19:16:58 -------- d-----w- C:\Program Files (x86)\melondrea
2014-03-11 19:16:45 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-03-11 19:14:48 -------- d-----w- C:\ProgramData\Systweak
2014-03-11 19:14:43 16896 ----a-w- C:\Windows\System32\sasnative64.exe
2014-03-11 19:14:43 -------- d-----w- C:\Program Files (x86)\Advanced System Protector
2014-03-11 19:14:23 -------- d-----w- C:\Users\rachstock\AppData\Roaming\Advanced System Protector
2014-03-11 19:14:07 -------- d-----w- C:\Program Files (x86)\hdtotal1.2
2014-03-11 19:14:05 -------- d-----w- C:\Program Files (x86)\IminentToolbar
2014-03-11 19:13:55 -------- d-----w- C:\Users\rachstock\AppData\Roaming\IminentToolbar
2014-03-11 19:13:51 -------- d-----w- C:\Users\rachstock\AppData\Roaming\System Speedup
2014-03-11 19:13:42 -------- d-----w- C:\Users\rachstock\AppData\Roaming\systweak
2014-03-11 19:13:18 -------- d-----w- C:\Program Files (x86)\Common Files\Umbrella
2014-03-11 19:13:14 -------- d-----w- C:\Program Files (x86)\System Speedup
2014-03-11 19:13:14 -------- d-----w- C:\Program Files (x86)\Iminent
2014-03-07 22:05:28 -------- d-----w- C:\Users\rachstock\AppData\Roaming\AVG2014
2014-03-07 22:00:23 -------- d-----w- C:\Users\rachstock\AppData\Local\AVG Nation toolbar
2014-03-07 21:59:39 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-03-07 21:59:29 -------- d-----w- C:\ProgramData\AVG Nation toolbar
2014-03-07 21:59:27 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-03-07 21:59:22 -------- d-----w- C:\Program Files (x86)\AVG Nation toolbar
2014-03-07 21:54:26 -------- d-----w- C:\ProgramData\AVG2014
2014-03-07 21:51:31 -------- d-----w- C:\Program Files (x86)\Uninstaller
2014-03-07 21:49:31 -------- d-----w- C:\Users\rachstock\AppData\Local\Avg2014
2014-03-07 21:49:10 -------- d-----w- C:\Users\rachstock\AppData\Roaming\Uniblue
2014-03-07 21:49:10 -------- d-----w- C:\Program Files (x86)\Uniblue
2014-03-07 21:49:04 -------- d-----w- C:\Program Files (x86)\freeven
2014-03-07 21:30:03 -------- d-----w- C:\Users\rachstock\AppData\Local\iConvertor
.
==================== Find3M ====================
.
2014-02-20 17:03:06 401 ----a-w- C:\Users\rachstock\AppData\Roaming\sp_data.sys
2014-02-09 10:08:37 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-30 21:10:35 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10:35 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-12 23:30:39 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-01-12 23:30:18 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
.
============= FINISH: 21:33:41.01 ===============

Attached Files
File Type: zip attach.zip (3.7 KB)
