So I have a desktop that I usually use, and honestly my lappy has just sat under my bed for months and months. My desktop is down right now so I'm using my lappy and realizing it has potential for me to continue using it. I'm slowly but surely rooting out data and files I no longer want (more for space than anything), and of getting it into good running condition.
Right now I have 2 issues:
1. My antivirus will not update its definitions, therefore my computer thinks I have a security issue (which it very well might). I've tried Windows Defender and AVG free, neither have been able to be updated. I'm thinking it's some sort of virus/malware that is preventing the definitions from updating. hoping this is something that could be caught in the DDS/Attach!
2. Generally running slowly. Video playback is very choppy, especially when I start to move the mouse.
Overall, once I got my laptop, I started really not worrying much about this, so I'm sure there's tons of malware that shouldn't be on here. I'm hoping you guys don't mind helping! You've always been very helpful in the past!
I'm running Windows Vista Home Premium (32-bit) with SP 1.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.65.2
Run by Chris at 17:51:09 on 2016-02-15
Microsoft® Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.2045.730 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition *Enabled/Outdated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Enabled/Outdated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\Av\avgrsx.exe
C:\Program Files\AVG\Av\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Acer\ALaunch\ALaunchSvc.exe
C:\Program Files\AVG\Av\avgidsagent.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\Program Files\AVG\Av\avgwdsvcx.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\SafeConnect\scManager.sys
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\AVG\Av\avgnsx.exe
C:\Program Files\AVG\Av\avgemcx.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\SafeConnect\scClient.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Chris\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Spotify Web Helper] "c:\users\chris\appdata\roaming\spotify\SpotifyWebHelper.exe"
mRun: [eRecoveryService] <no file>
dRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly
dRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
dRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\safeco~1.lnk - c:\program files\safeconnect\scClient.exe
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001065-0002-0065-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{99153990-3D6B-4ABB-9334-B792BEC34FA3} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B817D1FF-1568-4BA7-AD1A-AC36D53C8E2B} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\48.0.2564.109\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://gamebox.my-quick-search.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\extensions\gamebox@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\users\chris\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_20_0_0_286.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2016-1-8 207792]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2015-8-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2016-1-22 198576]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2015-12-4 37296]
R0 Avgunivx;AVG Universal Driver;c:\windows\system32\drivers\avgunivx.sys [2016-1-8 23472]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2015-11-6 149936]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2016-1-5 257456]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2015-10-8 231856]
R2 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2008-3-17 51200]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\av\avgidsagent.exe [2016-2-1 3881184]
R2 avgsvc;AVG Service;c:\program files\avg\framework\common\avgsvcx.exe [2016-1-12 865704]
R2 avgwd;AVG WatchDog;c:\program files\avg\av\avgwdsvcx.exe [2016-2-1 561104]
R2 SCManager;SafeConnect Manager;c:\program files\safeconnect\scmanager.sys servicestart --> c:\program files\safeconnect\scManager.sys servicestart [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-3-17 180736]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-3-17 32256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2008-1-20 19968]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
.
=============== Created Last 30 ================
.
2016-02-14 19:40:27 -------- d-----w- c:\windows\system32\RT 7 Lite
2016-02-12 00:08:54 -------- d-----w- c:\users\chris\appdata\roaming\AVG
2016-02-12 00:07:36 -------- d-----w- c:\users\chris\appdata\roaming\TuneUp Software
2016-02-12 00:06:32 -------- d--h--w- C:\$AVG
2016-02-10 00:56:08 -------- d-----w- c:\program files\NHL Streams
2016-02-02 00:32:31 -------- d-----w- c:\users\chris\appdata\local\Seven Zip
2016-02-02 00:31:52 -------- d-----w- c:\users\chris\appdata\local\MFAData
2016-02-02 00:30:34 -------- d-----w- c:\programdata\Avg
2016-02-02 00:29:29 -------- d-----w- c:\users\chris\appdata\local\AvgSetupLog
2016-02-02 00:29:29 -------- d-----w- c:\users\chris\appdata\local\Avg
2016-01-27 00:58:12 -------- d-----w- c:\users\chris\appdata\local\CEF
2016-01-27 00:57:59 -------- d-----w- c:\users\chris\appdata\local\Steam
2016-01-26 03:42:46 3466856 ----a-w- c:\program files\mozilla firefox\d3dcompiler_47.dll
2016-01-26 03:42:46 190632 ----a-w- c:\program files\mozilla firefox\gmp-clearkey\0.1\clearkey.dll
2016-01-26 03:42:45 970912 ----a-w- c:\program files\mozilla firefox\msvcr120.dll
2016-01-26 03:42:45 901288 ----a-w- c:\program files\mozilla firefox\icuuc55.dll
2016-01-26 03:42:45 59560 ----a-w- c:\program files\mozilla firefox\lgpllibs.dll
2016-01-26 03:42:45 455328 ----a-w- c:\program files\mozilla firefox\msvcp120.dll
2016-01-26 03:42:45 1287848 ----a-w- c:\program files\mozilla firefox\icuin55.dll
2016-01-26 03:42:45 10592424 ----a-w- c:\program files\mozilla firefox\icudt55.dll
2016-01-26 03:42:42 108712 ----a-w- c:\program files\mozilla firefox\wow_helper.exe
2016-01-26 01:57:50 119808 ----a-r- c:\users\chris\appdata\roaming\microsoft\installer\{ccf298af-9ce1-4b26-b251-486e98a34789}\icons.exe
.
==================== Find3M ====================
.
2016-01-28 01:45:44 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-01-28 01:45:44 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-01-08 15:49:24 207792 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2016-01-08 15:49:18 23472 ----a-w- c:\windows\system32\drivers\avgunivx.sys
2016-01-05 21:18:22 257456 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-12-04 19:27:46 37296 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2015-11-20 13:05:14 31664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
============= FINISH: 17:53:32.63 ===============
Thanks in advance for all your help!
Right now I have 2 issues:
1. My antivirus will not update its definitions, therefore my computer thinks I have a security issue (which it very well might). I've tried Windows Defender and AVG free, neither have been able to be updated. I'm thinking it's some sort of virus/malware that is preventing the definitions from updating. hoping this is something that could be caught in the DDS/Attach!
2. Generally running slowly. Video playback is very choppy, especially when I start to move the mouse.
Overall, once I got my laptop, I started really not worrying much about this, so I'm sure there's tons of malware that shouldn't be on here. I'm hoping you guys don't mind helping! You've always been very helpful in the past!
I'm running Windows Vista Home Premium (32-bit) with SP 1.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.65.2
Run by Chris at 17:51:09 on 2016-02-15
Microsoft® Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.2045.730 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition *Enabled/Outdated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Enabled/Outdated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\Av\avgrsx.exe
C:\Program Files\AVG\Av\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Acer\ALaunch\ALaunchSvc.exe
C:\Program Files\AVG\Av\avgidsagent.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\Program Files\AVG\Av\avgwdsvcx.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\SafeConnect\scManager.sys
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\AVG\Av\avgnsx.exe
C:\Program Files\AVG\Av\avgemcx.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\SafeConnect\scClient.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Chris\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Spotify Web Helper] "c:\users\chris\appdata\roaming\spotify\SpotifyWebHelper.exe"
mRun: [eRecoveryService] <no file>
dRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly
dRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
dRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
StartupFolder: c:\users\chris\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\safeco~1.lnk - c:\program files\safeconnect\scClient.exe
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - <no file>
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001065-0002-0065-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{99153990-3D6B-4ABB-9334-B792BEC34FA3} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B817D1FF-1568-4BA7-AD1A-AC36D53C8E2B} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\48.0.2564.109\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://gamebox.my-quick-search.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - component: c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\chris\appdata\roaming\mozilla\firefox\profiles\zam0uv8r.default\extensions\gamebox@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\users\chris\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_20_0_0_286.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2016-1-8 207792]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2015-8-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2016-1-22 198576]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2015-12-4 37296]
R0 Avgunivx;AVG Universal Driver;c:\windows\system32\drivers\avgunivx.sys [2016-1-8 23472]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2015-11-6 149936]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2016-1-5 257456]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2015-10-8 231856]
R2 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2008-3-17 51200]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\av\avgidsagent.exe [2016-2-1 3881184]
R2 avgsvc;AVG Service;c:\program files\avg\framework\common\avgsvcx.exe [2016-1-12 865704]
R2 avgwd;AVG WatchDog;c:\program files\avg\av\avgwdsvcx.exe [2016-2-1 561104]
R2 SCManager;SafeConnect Manager;c:\program files\safeconnect\scmanager.sys servicestart --> c:\program files\safeconnect\scManager.sys servicestart [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-3-17 180736]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-3-17 32256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2008-1-20 19968]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
.
=============== Created Last 30 ================
.
2016-02-14 19:40:27 -------- d-----w- c:\windows\system32\RT 7 Lite
2016-02-12 00:08:54 -------- d-----w- c:\users\chris\appdata\roaming\AVG
2016-02-12 00:07:36 -------- d-----w- c:\users\chris\appdata\roaming\TuneUp Software
2016-02-12 00:06:32 -------- d--h--w- C:\$AVG
2016-02-10 00:56:08 -------- d-----w- c:\program files\NHL Streams
2016-02-02 00:32:31 -------- d-----w- c:\users\chris\appdata\local\Seven Zip
2016-02-02 00:31:52 -------- d-----w- c:\users\chris\appdata\local\MFAData
2016-02-02 00:30:34 -------- d-----w- c:\programdata\Avg
2016-02-02 00:29:29 -------- d-----w- c:\users\chris\appdata\local\AvgSetupLog
2016-02-02 00:29:29 -------- d-----w- c:\users\chris\appdata\local\Avg
2016-01-27 00:58:12 -------- d-----w- c:\users\chris\appdata\local\CEF
2016-01-27 00:57:59 -------- d-----w- c:\users\chris\appdata\local\Steam
2016-01-26 03:42:46 3466856 ----a-w- c:\program files\mozilla firefox\d3dcompiler_47.dll
2016-01-26 03:42:46 190632 ----a-w- c:\program files\mozilla firefox\gmp-clearkey\0.1\clearkey.dll
2016-01-26 03:42:45 970912 ----a-w- c:\program files\mozilla firefox\msvcr120.dll
2016-01-26 03:42:45 901288 ----a-w- c:\program files\mozilla firefox\icuuc55.dll
2016-01-26 03:42:45 59560 ----a-w- c:\program files\mozilla firefox\lgpllibs.dll
2016-01-26 03:42:45 455328 ----a-w- c:\program files\mozilla firefox\msvcp120.dll
2016-01-26 03:42:45 1287848 ----a-w- c:\program files\mozilla firefox\icuin55.dll
2016-01-26 03:42:45 10592424 ----a-w- c:\program files\mozilla firefox\icudt55.dll
2016-01-26 03:42:42 108712 ----a-w- c:\program files\mozilla firefox\wow_helper.exe
2016-01-26 01:57:50 119808 ----a-r- c:\users\chris\appdata\roaming\microsoft\installer\{ccf298af-9ce1-4b26-b251-486e98a34789}\icons.exe
.
==================== Find3M ====================
.
2016-01-28 01:45:44 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-01-28 01:45:44 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-01-08 15:49:24 207792 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2016-01-08 15:49:18 23472 ----a-w- c:\windows\system32\drivers\avgunivx.sys
2016-01-05 21:18:22 257456 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-12-04 19:27:46 37296 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2015-11-20 13:05:14 31664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
============= FINISH: 17:53:32.63 ===============
Thanks in advance for all your help!