Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Slow computer and hot deals pop ups

My computer has been very slow as of late. Even opening up a folder can sometimes take a while. Also, using my Firefox browser, I get these side windows that pop up saying Hot Deals with different deals. The browser is also incredibly slow. I attached the necessary scans. I also do have a boot disk, but I'm unable to activate Windows because I think I am out of licenses. Thanks for the help.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16448 BrowserJavaVersion: 10.55.2
Run by Daniel Mayen at 8:58:01 on 2014-12-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.1500 [GMT -6:00]
.
AV: Lavasoft Ad-Aware *Enabled/Outdated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
SP: Lavasoft Ad-Aware *Enabled/Outdated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\AEADISRV.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Windows\system32\rpcnet.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.google.com
mStart Page = about:blank
uSearchAssistant = hxxp://www.google.com
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: SecureWebBHO Class: {D3C24E2B-C820-4492-9B69-11BF7163F998} - c:\program files\jelbrus secure web\jsie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\realpl~1.lnk - c:\program files\real\realplayer\rpds\bin\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} - file:///D:/MEMDISC/ALBUM_A/VIEW/PLUGIN/HPODPCFC.CAB
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\2375942554035323 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\84F4D454D253539343 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\C696E6B6379737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\E45445745414250363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{20BE2DA4-767F-4DBF-B7BB-B9664A3F5FDD}\F4666602458656024527168787 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\daniel mayen\appdata\roaming\mozilla\firefox\profiles\e24uzh3s.default-1419200065808\
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_246.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-18 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2007-4-25 31232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\drivers\ctxva51.sys [2011-3-14 41624]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-5-1 39272]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-11-10 114904]
S3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\drivers\rismc32.sys [2006-10-3 47488]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-8 52224]
.
=============== Created Last 30 ================
.
2014-12-27 14:51:02 -------- d-----w- c:\users\daniel mayen\appdata\local\{DCACD2AA-BEE6-4305-94EA-E245C0E115AF}
2014-12-24 21:31:08 -------- d-----w- c:\users\daniel mayen\appdata\local\{D43FB594-2F88-413F-B6A0-41929130760B}
2014-12-23 21:29:45 -------- d-----w- c:\users\daniel mayen\appdata\local\{9931C56B-4EF8-4455-AFAC-79CFE19E9F00}
2014-12-23 04:11:59 -------- d-----w- c:\users\daniel mayen\appdata\local\{A4CA6540-96CC-4B67-BC0B-CAC84D77B55C}
2014-12-21 22:04:58 -------- d-----w- c:\users\daniel mayen\appdata\local\{5B356D51-6FC4-4689-A578-23207FC65F1F}
2014-12-20 03:42:15 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0fa963c3-549d-4c83-95f9-7a493e1021ee}\offreg.dll
2014-12-20 02:56:01 -------- d-----w- c:\users\daniel mayen\appdata\local\{091B98E6-0AC0-4002-A542-69F2E32E18FF}
2014-12-18 00:39:57 -------- d-----w- c:\users\daniel mayen\appdata\local\{3B2F46BC-C6BD-4DC3-89B0-B1960027F75A}
2014-12-16 22:25:42 -------- d-----w- c:\users\daniel mayen\appdata\local\{319E9B7C-4BC8-4064-BF0F-91E9345EF27B}
2014-12-14 16:26:14 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0fa963c3-549d-4c83-95f9-7a493e1021ee}\mpengine.dll
2014-12-14 15:12:35 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-12-14 14:48:44 -------- d-----w- c:\users\daniel mayen\appdata\local\{A1118ABA-8ECA-412F-AB33-9454155BA856}
2014-12-13 14:16:03 -------- d-----w- c:\users\daniel mayen\appdata\local\{8FAC9D09-CD87-4170-9E10-B1618E9E2294}
2014-12-11 21:34:40 -------- d-----w- c:\programdata\Avg_Update_1214tb
2014-12-09 21:38:57 -------- d-----w- c:\users\daniel mayen\appdata\local\{97AA5C8D-C556-4FC4-873B-14748BAF6DC3}
2014-12-09 21:06:06 -------- d-----w- c:\programdata\AVG Security Toolbar
2014-12-08 01:41:29 -------- d-----w- c:\users\daniel mayen\appdata\local\{C8B34D6B-E6AA-4D8B-8741-81EBF5D6B29F}
2014-12-06 14:58:19 -------- d-----w- c:\users\daniel mayen\appdata\local\{E71C805E-2EF6-4DBA-BECD-994C68D99588}
2014-12-06 02:24:16 -------- d-----w- c:\users\daniel mayen\appdata\local\{2035F275-BEF3-4EA6-B7B4-80E9D3B93D25}
2014-12-05 11:05:32 -------- d-----w- c:\users\daniel mayen\appdata\local\{95E09398-9135-45E0-BC21-0494D6C531E5}
2014-12-03 06:31:20 227048 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2014-12-02 22:53:40 -------- d-----w- c:\users\daniel mayen\appdata\local\{E5E58580-2148-4FEF-8FEA-0B706A66E415}
2014-11-29 08:08:30 -------- d-----w- c:\users\daniel mayen\appdata\local\{D2FD1D56-BE38-4C32-83D8-71EE821AE1BA}
2014-11-28 21:01:29 -------- d-----w- c:\users\daniel mayen\appdata\local\{9FE83464-54A5-4E3F-B79B-10E33CCE89CF}
.
==================== Find3M ====================
.
2014-12-27 14:24:15 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2014-12-27 13:50:42 69792 ----a-w- c:\windows\system32\rpcnet.dll
2014-12-21 22:17:26 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-12 04:29:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-12 04:29:03 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-21 12:14:20 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 12:14:10 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 12:14:06 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-20 23:47:33 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2014-10-30 22:15:24 312424 ----a-w- c:\windows\system32\LavasoftTcpService.dll
2014-10-30 03:34:52 213784 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-10-10 21:13:58 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-03-19 22:41:18 473 ----a-w- c:\program files\layout.bin
2011-02-25 02:26:50 461888 ----a-w- c:\program files\Setup.exe
2010-09-01 23:52:50 3065408 ----a-w- c:\program files\bcmwl664.sys
2010-09-01 23:52:34 2712640 ----a-w- c:\program files\bcmwl6.sys
2010-09-01 23:41:28 95544 ----a-w- c:\program files\bcmwlcoi64.dll
2010-09-01 23:41:28 91448 ----a-w- c:\program files\bcmwlcoi.dll
2010-09-01 23:41:28 3896832 ----a-w- c:\program files\bcmihvsrv64.dll
2010-09-01 23:41:28 3561472 ----a-w- c:\program files\bcmihvui64.dll
2010-09-01 23:41:26 3870720 ----a-w- c:\program files\bcmihvsrv.dll
2010-09-01 23:41:26 3559424 ----a-w- c:\program files\bcmihvui.dll
2007-09-17 22:31:48 492164 ----a-w- c:\program files\ISSetup.dll
2006-05-18 06:21:08 373680 ----a-w- c:\program files\_setup.dll
.
============= FINISH: 8:59:54.65 ===============

Attached Files
File Type: zip attach.zip.zip (52.6 KB)
